• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2613
  • Last Modified:

Cisco ASA blocks TLS through SMTP ???

Hi Experts,

I'm in the process of testing and establishing a TLS connection with the third party email filtering company. They are escalating my firewall is masked out STARTLS as a SMTP security precaution.

My firewall is running 8.0(4) IOS, how do i identify this situation and disable the SMTP protection to establish TLS between my email server and them ??

Thanks a lot !  
0
Shakthi777
Asked:
Shakthi777
  • 2
  • 2
1 Solution
 
stsonlineCommented:
Turn off ESMTP inspection in your policy-map:

policy-map global_policy
class inspection_default
no inspect esmtp
0
 
Shakthi777Author Commented:
First I did,
$policy-map type inspect esmtp esmtp_map
$parameters
$allow-tls

But it didn't work,

and after that i did
$no fixup protocol smtp 25

now it's works !

What is the diferent between those commands ??

Thanks a lot for your time !
0
 
stsonlineCommented:
The policy-map commands are used in version 8.0 of the Cisco PIX/ASA OS, the fixup command is an obsolete command used in version 6 and earlier. If you are running 8.0(4) you should not have fixup commands, you may want to check the version information.
0
 
Shakthi777Author Commented:
I'm sure that I'm running 8.0(4), and I'm sure that $no fixup protocol smtp 25 worked for me. (but I'm a new to Cisco any way .. )

thanks for you support !
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now