SMPT Connection cause Connection Timeout in Firebox

We are having an issue with email from one company getting through to us.  We have tried multiple things on our email server and such to no avail.  I go look in the watchguard syslog and find the following:

Oct 30 15:20:43  kernel  SM: policy="svc:24" src_ip="66.***.***.***" dst_ip="192.168.42.205" pr="tcp" src_port="57264" dst_port="25" src_intf="2" dst_intf="9" rc="590" msg="Connect timeout" proxy_act="svc:24"

First what does svc:24 relate to.  And second how can i fix it so that there emails can get through to us.

Thanks
tbeermanAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

giltjrCommented:
I have not worked with Watch Guard, so:

My guess is that "svc:24" is a reference to a service definition in your Firewall.  You would need to look at the service that may be listed/defined as the 24th service policy.

Generically you need to allow traffic to pass through your firewall from the outside in where the source address is any IP address, the source port is any high port, the destination IP address is your SMTP server and the destination port is 25.

On some firewalls you define this rule on the outside interface coming in, so the IP address of the SMTP server would most likely be the pubic IP address.  On other firewalls the rule is defined "in the middle" or on the inside interface, so the IP address of the SMTP server would need to be real IP address on the server.

Since your error message is showing a private IP address, I would assume the Watch Guard is the later type, so you would need to allow the traffic to 192.168.42.205.
0
tbeermanAuthor Commented:
Thanks I figured it out right before this response and it was in the SMTP proxy settings for the watchguard.  I turne off the smpt proxy and everthing works.  I am now going to weed through the proxy and figure exactly which trigger it is.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
tbeermanAuthor Commented:
Found solution on my own.  please see above
0
Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

provcomCommented:
Did you ever figure out what the trigger was? If so what needs to be changed?
0
tbeermanAuthor Commented:
i turned of smtp proxy and it worked after that. try turning if off and see if it all works and then go from there.
0
Concise-ccCommented:
I'm getting the Same error with the Proxy turned on.. Did you get an answer as far as how to fix it with the proxy on.. Im trying to use the SPAM blocker option.. I talked to someone at watchguard and he had no clue.. I asked him to escalate and he wouldn't
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.