Cisco ASA blocks TLS through SMTP ???

Hi Experts,

I'm in the process of testing and establishing a TLS connection with the third party email filtering company. They are escalating my firewall is masked out STARTLS as a SMTP security precaution.

My firewall is running 8.0(4) IOS, how do i identify this situation and disable the SMTP protection to establish TLS between my email server and them ??

Thanks a lot !  
Shakthi777Asked:
Who is Participating?
 
stsonlineConnect With a Mentor Commented:
Turn off ESMTP inspection in your policy-map:

policy-map global_policy
class inspection_default
no inspect esmtp
0
 
Shakthi777Author Commented:
First I did,
$policy-map type inspect esmtp esmtp_map
$parameters
$allow-tls

But it didn't work,

and after that i did
$no fixup protocol smtp 25

now it's works !

What is the diferent between those commands ??

Thanks a lot for your time !
0
 
stsonlineCommented:
The policy-map commands are used in version 8.0 of the Cisco PIX/ASA OS, the fixup command is an obsolete command used in version 6 and earlier. If you are running 8.0(4) you should not have fixup commands, you may want to check the version information.
0
 
Shakthi777Author Commented:
I'm sure that I'm running 8.0(4), and I'm sure that $no fixup protocol smtp 25 worked for me. (but I'm a new to Cisco any way .. )

thanks for you support !
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.