Solved

what firewall rule do I use to allow email through my firewall

Posted on 2011-03-21
5
574 Views
Last Modified: 2012-05-11
I'm running exchange 2003, what firewall rule do I enable to allow email through my cisco ASA 5500? I set an allow from any to my exchange servers public IP address with TCP/SMTP protocol on port 25, but I'm still not recieving email. I also just had the public DNS entry mail for mail,mydomain.com. Am I just too impatient?
0
Comment
Question by:knfitz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 2

Expert Comment

by:PowerToaster
ID: 35183137
Well a normal allow for smtp would be something like this.

permit tcp any host 10.10.110.1 eq smtp.

You may just be impatient but you could try sending something to the server from a public email like hotmail or gmail as a test.

Are you doing any NAT or is the public IP assinged directly to your mail server.

http://www.mxtoolbox.com/ has a number of very good free tools for remotely testing you mail servers configuration which may help you trouble shoot this.
0
 

Author Comment

by:knfitz
ID: 35183157
when I do the check dns in exchange system manager it says the domain is not valid. I set the fqdn to mail.mydomain.org
0
 

Expert Comment

by:aevegan
ID: 35183179
Sounds like maybe your missing the NAT rule (if you're using NAT)
0
 

Author Comment

by:knfitz
ID: 35183186
no, I have the nat rule in place and it's working. It looks like my isp is not done with my dns records. Let me give ti a little time.
0
 
LVL 6

Accepted Solution

by:
Lee_YCP earned 500 total points
ID: 35183982
Can you do a 'sho run' and post that so we can see your config and ACLs?  be sure to change or xx out your public IPs and pasword hashes.

Also, understand that your ISP may be configuring your DNS MX record, but you may still need to configure a DNS MX record internally to allow internal clients to find that domain.
0

Featured Post

[Live Webinar] The Cloud Skills Gap

As Cloud technologies come of age, business leaders grapple with the impact it has on their team's skills and the gap associated with the use of a cloud platform.

Join experts from 451 Research and Concerto Cloud Services on July 27th where we will examine fact and fiction.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question