	[x] Posted via EE Mobile
	Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.

Question

	[x] Attachment Details

Email thru ASA 5505

Asked by badams_iyns in Networking Hardware Firewalls, Enterprise Firewalls, Exchange Email Server

I'm not getting email and I can't telnet to port 25. I can telnet to 25 from the lan but when I try to telnet to 25 to the external IP it fails. Mail I send from my yahoo account fails, saying it'll keep trying, indicating the world just can't see the server at all.

ICMP is failing as well, at least during initial setup and testing, I'd like to be able to ping.

What's a man to do?

View the Solution FREE for 30 Days

         
           
             1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:

           
           
             names
name 10.10.100.23 EXCHANGE
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 10.10.100.1 255.255.255.0 
!
interface Vlan2
 nameif outside
 security-level 0
 ip address XXX.TER.NAL.33 255.255.255.248 
!
dns server-group DefaultDNS
 domain-name nunyobidness.com 
object-group network EMAIL
 network-object EXCHANGE 255.255.255.255
access-list outside_access_in extended permit icmp any any 
access-list outside_access_in extended permit tcp any host EXCHANGE eq smtp 
access-list inside_access_out extended permit icmp any any 
access-list inside_access_in extended permit ip any any 
access-list OUTSIDE_ACCESS_IN extended permit tcp any host XXX.TER.NAL.34 eq smtp 
icmp unreachable rate-limit 1 burst-size 1
icmp permit any inside
icmp permit any outside
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
access-group inside_access_in in interface inside
access-group inside_access_out out interface inside
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 ISP.'s.GW.38 1
!
class-map inspection_default
 match default-inspection-traffic
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map 
  inspect ftp 
  inspect h323 h225 
  inspect h323 ras 
  inspect rsh 
  inspect rtsp 
  inspect sqlnet 
  inspect skinny 
  inspect sunrpc 
  inspect xdmcp 
  inspect sip 
  inspect netbios 
  inspect tftp 
!
service-policy global_policy global
smtp-server 10.10.100.23

           
         

20091111-EE-VQP-92 - Hierarchy / EE_QW_3_20080625

Hall of Fame

1. keith_ala...82,100
2. deimark54,265
3. JFrederic...43,500
4. dpk_wal41,050
5. lrmoore34,450
6. ccomley33,960
7. grimkin22,976
8. MikeKane22,400
9. PeteLong19,164
10. 3nerds15,000
11. sangamc12,800
12. rsivanandan12,650
13. ikalmar11,249
14. bignewf11,164
15. nodisco11,100
16. uetian170710,134
17. kenboonejr9,425
18. VisionVoice9,000
19. decoleur8,550
20. stsonline7,500
21. pwindell6,900
22. jodylemoine6,500
23. Bembi6,000
24. harbor2355,500
24. asavener5,500
24. Jay_Gridley5,500

1. lrmoore1,600,373
2. keith_ala...605,928
3. calvinetter244,408
4. rsivanandan242,988
5. tim_holman196,866
6. nodisco185,714
7. batry_boy159,024
8. grblades127,009
9. Voltz-dk111,609
10. PeteLong102,309
11. dpk_wal97,550
12. JFrederic...83,100
13. carribeant...80,185
14. Cyclops3...78,576
15. stressedo...71,924
16. harbor23568,605
17. srikrishnak60,096
18. MikeKane56,928
19. deimark55,615
20. pruecons...55,203
21. ccomley54,304
22. jjoseph_x48,002
23. billwharton44,427
24. td_miles43,372
25. RobWill42,673