Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

SMPT Connection cause Connection Timeout in Firebox

Posted on 2008-10-30
6
Medium Priority
?
2,499 Views
Last Modified: 2013-11-16
We are having an issue with email from one company getting through to us.  We have tried multiple things on our email server and such to no avail.  I go look in the watchguard syslog and find the following:

Oct 30 15:20:43  kernel  SM: policy="svc:24" src_ip="66.***.***.***" dst_ip="192.168.42.205" pr="tcp" src_port="57264" dst_port="25" src_intf="2" dst_intf="9" rc="590" msg="Connect timeout" proxy_act="svc:24"

First what does svc:24 relate to.  And second how can i fix it so that there emails can get through to us.

Thanks
0
Comment
Question by:tbeerman
6 Comments
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 1000 total points
ID: 22851925
I have not worked with Watch Guard, so:

My guess is that "svc:24" is a reference to a service definition in your Firewall.  You would need to look at the service that may be listed/defined as the 24th service policy.

Generically you need to allow traffic to pass through your firewall from the outside in where the source address is any IP address, the source port is any high port, the destination IP address is your SMTP server and the destination port is 25.

On some firewalls you define this rule on the outside interface coming in, so the IP address of the SMTP server would most likely be the pubic IP address.  On other firewalls the rule is defined "in the middle" or on the inside interface, so the IP address of the SMTP server would need to be real IP address on the server.

Since your error message is showing a private IP address, I would assume the Watch Guard is the later type, so you would need to allow the traffic to 192.168.42.205.
0
 

Accepted Solution

by:
tbeerman earned 0 total points
ID: 22852598
Thanks I figured it out right before this response and it was in the SMTP proxy settings for the watchguard.  I turne off the smpt proxy and everthing works.  I am now going to weed through the proxy and figure exactly which trigger it is.
0
 

Author Comment

by:tbeerman
ID: 22852629
Found solution on my own.  please see above
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 

Expert Comment

by:provcom
ID: 23740050
Did you ever figure out what the trigger was? If so what needs to be changed?
0
 

Author Comment

by:tbeerman
ID: 23743397
i turned of smtp proxy and it worked after that. try turning if off and see if it all works and then go from there.
0
 

Expert Comment

by:Concise-cc
ID: 24632190
I'm getting the Same error with the Proxy turned on.. Did you get an answer as far as how to fix it with the proxy on.. Im trying to use the SPAM blocker option.. I talked to someone at watchguard and he had no clue.. I asked him to escalate and he wouldn't
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question