Solved

SMPT Connection cause Connection Timeout in Firebox

Posted on 2008-10-30
6
2,456 Views
Last Modified: 2013-11-16
We are having an issue with email from one company getting through to us.  We have tried multiple things on our email server and such to no avail.  I go look in the watchguard syslog and find the following:

Oct 30 15:20:43  kernel  SM: policy="svc:24" src_ip="66.***.***.***" dst_ip="192.168.42.205" pr="tcp" src_port="57264" dst_port="25" src_intf="2" dst_intf="9" rc="590" msg="Connect timeout" proxy_act="svc:24"

First what does svc:24 relate to.  And second how can i fix it so that there emails can get through to us.

Thanks
0
Comment
Question by:tbeerman
6 Comments
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 250 total points
ID: 22851925
I have not worked with Watch Guard, so:

My guess is that "svc:24" is a reference to a service definition in your Firewall.  You would need to look at the service that may be listed/defined as the 24th service policy.

Generically you need to allow traffic to pass through your firewall from the outside in where the source address is any IP address, the source port is any high port, the destination IP address is your SMTP server and the destination port is 25.

On some firewalls you define this rule on the outside interface coming in, so the IP address of the SMTP server would most likely be the pubic IP address.  On other firewalls the rule is defined "in the middle" or on the inside interface, so the IP address of the SMTP server would need to be real IP address on the server.

Since your error message is showing a private IP address, I would assume the Watch Guard is the later type, so you would need to allow the traffic to 192.168.42.205.
0
 

Accepted Solution

by:
tbeerman earned 0 total points
ID: 22852598
Thanks I figured it out right before this response and it was in the SMTP proxy settings for the watchguard.  I turne off the smpt proxy and everthing works.  I am now going to weed through the proxy and figure exactly which trigger it is.
0
 

Author Comment

by:tbeerman
ID: 22852629
Found solution on my own.  please see above
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Expert Comment

by:provcom
ID: 23740050
Did you ever figure out what the trigger was? If so what needs to be changed?
0
 

Author Comment

by:tbeerman
ID: 23743397
i turned of smtp proxy and it worked after that. try turning if off and see if it all works and then go from there.
0
 

Expert Comment

by:Concise-cc
ID: 24632190
I'm getting the Same error with the Proxy turned on.. Did you get an answer as far as how to fix it with the proxy on.. Im trying to use the SPAM blocker option.. I talked to someone at watchguard and he had no clue.. I asked him to escalate and he wouldn't
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In every aspect, security is essential for your business, and for that matter you need to always keep an eye on it. The same can be said about your computer network system too. Your computer network is prone to various malware and security threats t…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question