Solved

SMPT Connection cause Connection Timeout in Firebox

Posted on 2008-10-30
6
2,425 Views
Last Modified: 2013-11-16
We are having an issue with email from one company getting through to us.  We have tried multiple things on our email server and such to no avail.  I go look in the watchguard syslog and find the following:

Oct 30 15:20:43  kernel  SM: policy="svc:24" src_ip="66.***.***.***" dst_ip="192.168.42.205" pr="tcp" src_port="57264" dst_port="25" src_intf="2" dst_intf="9" rc="590" msg="Connect timeout" proxy_act="svc:24"

First what does svc:24 relate to.  And second how can i fix it so that there emails can get through to us.

Thanks
0
Comment
Question by:tbeerman
6 Comments
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 250 total points
ID: 22851925
I have not worked with Watch Guard, so:

My guess is that "svc:24" is a reference to a service definition in your Firewall.  You would need to look at the service that may be listed/defined as the 24th service policy.

Generically you need to allow traffic to pass through your firewall from the outside in where the source address is any IP address, the source port is any high port, the destination IP address is your SMTP server and the destination port is 25.

On some firewalls you define this rule on the outside interface coming in, so the IP address of the SMTP server would most likely be the pubic IP address.  On other firewalls the rule is defined "in the middle" or on the inside interface, so the IP address of the SMTP server would need to be real IP address on the server.

Since your error message is showing a private IP address, I would assume the Watch Guard is the later type, so you would need to allow the traffic to 192.168.42.205.
0
 

Accepted Solution

by:
tbeerman earned 0 total points
ID: 22852598
Thanks I figured it out right before this response and it was in the SMTP proxy settings for the watchguard.  I turne off the smpt proxy and everthing works.  I am now going to weed through the proxy and figure exactly which trigger it is.
0
 

Author Comment

by:tbeerman
ID: 22852629
Found solution on my own.  please see above
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 

Expert Comment

by:provcom
ID: 23740050
Did you ever figure out what the trigger was? If so what needs to be changed?
0
 

Author Comment

by:tbeerman
ID: 23743397
i turned of smtp proxy and it worked after that. try turning if off and see if it all works and then go from there.
0
 

Expert Comment

by:Concise-cc
ID: 24632190
I'm getting the Same error with the Proxy turned on.. Did you get an answer as far as how to fix it with the proxy on.. Im trying to use the SPAM blocker option.. I talked to someone at watchguard and he had no clue.. I asked him to escalate and he wouldn't
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Read about achieving the basic levels of HRIS security in the workplace.
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now