Solved

SMPT Connection cause Connection Timeout in Firebox

Posted on 2008-10-30
6
2,439 Views
Last Modified: 2013-11-16
We are having an issue with email from one company getting through to us.  We have tried multiple things on our email server and such to no avail.  I go look in the watchguard syslog and find the following:

Oct 30 15:20:43  kernel  SM: policy="svc:24" src_ip="66.***.***.***" dst_ip="192.168.42.205" pr="tcp" src_port="57264" dst_port="25" src_intf="2" dst_intf="9" rc="590" msg="Connect timeout" proxy_act="svc:24"

First what does svc:24 relate to.  And second how can i fix it so that there emails can get through to us.

Thanks
0
Comment
Question by:tbeerman
6 Comments
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 250 total points
ID: 22851925
I have not worked with Watch Guard, so:

My guess is that "svc:24" is a reference to a service definition in your Firewall.  You would need to look at the service that may be listed/defined as the 24th service policy.

Generically you need to allow traffic to pass through your firewall from the outside in where the source address is any IP address, the source port is any high port, the destination IP address is your SMTP server and the destination port is 25.

On some firewalls you define this rule on the outside interface coming in, so the IP address of the SMTP server would most likely be the pubic IP address.  On other firewalls the rule is defined "in the middle" or on the inside interface, so the IP address of the SMTP server would need to be real IP address on the server.

Since your error message is showing a private IP address, I would assume the Watch Guard is the later type, so you would need to allow the traffic to 192.168.42.205.
0
 

Accepted Solution

by:
tbeerman earned 0 total points
ID: 22852598
Thanks I figured it out right before this response and it was in the SMTP proxy settings for the watchguard.  I turne off the smpt proxy and everthing works.  I am now going to weed through the proxy and figure exactly which trigger it is.
0
 

Author Comment

by:tbeerman
ID: 22852629
Found solution on my own.  please see above
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 

Expert Comment

by:provcom
ID: 23740050
Did you ever figure out what the trigger was? If so what needs to be changed?
0
 

Author Comment

by:tbeerman
ID: 23743397
i turned of smtp proxy and it worked after that. try turning if off and see if it all works and then go from there.
0
 

Expert Comment

by:Concise-cc
ID: 24632190
I'm getting the Same error with the Proxy turned on.. Did you get an answer as far as how to fix it with the proxy on.. Im trying to use the SPAM blocker option.. I talked to someone at watchguard and he had no clue.. I asked him to escalate and he wouldn't
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Read about achieving the basic levels of HRIS security in the workplace.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now