Sporadic connectivity issues with GMAIL SMTP server with Sonicwall TZ210
On Monday night I installed a new TZ210 sonicwall to replace a TZ170. Our company utilizes GMAIL for corporate email. I am now having a sporadic issue where internal network devices that need to contact the GMAIL SMTP server work and then stop and then work again.
It is totally random how long the equipment will work. The office copier/scanner will send scanned documents for hours and then it we get an error where the SMTP server cannot be reached.
The non-authenticated server for gmail is: aspmx.l.google.com
Even when the scanner cannot reach the SMTP server. This also occurs randomly with the Sonicwall when trying to dump the email logs.
I can telnet on port 25 it still. The firewall is not blocking the traffic.
It is basic port 25 traffic as the scanner won't support SSL.
I have checked with Sonicwall tech support and they have verified my configuration on the firewall as well as stated that there are no known issues with the model. I am running the latest firmware. I did the upgrade last night after the initial config on Monday night to see if it would help.
I have also contacted Google support, but after their initial canned response on Tuesday, I have had zero feedback from them.
Has anyone seen this happen with google before or with a sonicwall device? I found one other old posting of someone saying it was sporadic, but the question was never followed up on with a permanent solution.
It is totally random how long the equipment will work. The office copier/scanner will send scanned documents for hours and then it we get an error where the SMTP server cannot be reached.
The non-authenticated server for gmail is: aspmx.l.google.com
Even when the scanner cannot reach the SMTP server. This also occurs randomly with the Sonicwall when trying to dump the email logs.
I can telnet on port 25 it still. The firewall is not blocking the traffic.
It is basic port 25 traffic as the scanner won't support SSL.
I have checked with Sonicwall tech support and they have verified my configuration on the firewall as well as stated that there are no known issues with the model. I am running the latest firmware. I did the upgrade last night after the initial config on Monday night to see if it would help.
I have also contacted Google support, but after their initial canned response on Tuesday, I have had zero feedback from them.
Has anyone seen this happen with google before or with a sonicwall device? I found one other old posting of someone saying it was sporadic, but the question was never followed up on with a permanent solution.
ASKER
Nope, nothing shows up in the sonicwall logs when it stops working.
There aren't any PC connectivity issues. It is only the scanner and the sonicwall trying to reach Google's SMTP server for the corporate email.
I have sent 3 additional messages to Google support since Tuesday with still no further response.
There aren't any PC connectivity issues. It is only the scanner and the sonicwall trying to reach Google's SMTP server for the corporate email.
I have sent 3 additional messages to Google support since Tuesday with still no further response.
ASKER
Just as an example. Here is an excerpt from the copier/scan send log file to Google's SMTP server from yesterday.
I have attached a screenshot of part of the log file from yesterday. Everywhere there is an NG with end code #899, the scanner could not reach the Google SMTP server. During this same time the Sonicwall could not send its log file to the admin email account either.
And then it will just start working again later. Its currently working right now as of 07:48 EST.
ScannerLog.png
I have attached a screenshot of part of the log file from yesterday. Everywhere there is an NG with end code #899, the scanner could not reach the Google SMTP server. During this same time the Sonicwall could not send its log file to the admin email account either.
And then it will just start working again later. Its currently working right now as of 07:48 EST.
ScannerLog.png
Have you checked the network settings on the copier? Insuring that the gateway and dns settings are correct. Is the gateway set to the Sonicwall? Since you installed a new Sonicwall, I assume that the settings on the copier are the same, and this did not happen with the old Sonicwall. Correct?
Is the copier using smtp of your ISP directly, or is it passing through anything locally, like an exchange server?
Is the copier using smtp of your ISP directly, or is it passing through anything locally, like an exchange server?
A similar scenario happened to one of my clients before. The cause of their problem was their DNS server.
ASKER
Oh yes. I have checked and re-checked all of the settings multiple times. We never had this happen with the old Sonicwall. And all of the internal testing, telnet on port 25 to google passes every time.
The copier is using SMTP directly and not going through anything local.
The copier is using SMTP directly and not going through anything local.
ASKER
And its down again.
Have you powered cycled the copier since this started?
Do you have more than one of these copier devices or similar, and if so does the other one have the issue.
If you have the name of the smtp server in the settings of the copier try replacing that with the ip address 74.125.91.26 and see if that helps.
Do you have more than one of these copier devices or similar, and if so does the other one have the issue.
If you have the name of the smtp server in the settings of the copier try replacing that with the ip address 74.125.91.26 and see if that helps.
ASKER
No we only have the one copier, plus the firewall itself can't send the logs.
I have tried using the IP directly and it doesn't matter.
On my way into the office now to try and think of something else.
I have tried using the IP directly and it doesn't matter.
On my way into the office now to try and think of something else.
I guess the best time to do a trace is when it is down. Maybe disconnect the copier and use that IP to run telnet and traceroute.
You could turn on the Sonciwall (System -> Packet Monitor) packet monitor to see exactly what is happening when the failure occurs. If you do this, post back the result.
ASKER
Yeah I am using packet monitor right now. Problem is by the time that I made it back to the office, its working again, and all packets from the copier ip show forwarded.
ASKER
When I worked with the sonicwall support team we ran into the problem where everything is working and the packets look good.
This morning when I saw the log file wasn't sending there wasn't anyone in the office yet to try the scanner out and I am only in the office a couple days a week.
This morning when I saw the log file wasn't sending there wasn't anyone in the office yet to try the scanner out and I am only in the office a couple days a week.
ASKER
Ok finally have some proof that internally is working. After sending 12 scans successfully it quit working again.
I have the packet monitor setup to check all traffic from the scanner IP address, and it shows all of them being forwarded out of the network.
No dropped packets at all.
I have the packet monitor setup to check all traffic from the scanner IP address, and it shows all of them being forwarded out of the network.
No dropped packets at all.
So then the problem is with the SMTP gateway at google, OR....
Could the size of the message (scan) be too large?
Have you checked that?
Could the size of the message (scan) be too large?
Have you checked that?
ASKER
Size of my test messages were 700k.
Some others people have sent with no problem have been as large as 7 or 8 mb.
I have updated my case with Google again, but still no acknowledgment from them since Tuesday.
Some others people have sent with no problem have been as large as 7 or 8 mb.
I have updated my case with Google again, but still no acknowledgment from them since Tuesday.
ASKER
I also just got off the phone with a second sonicwall tech to reverify my packet monitoring setup as well as overall configuration. And he also agreed that everything on the firewall is correct, all traffic is being sent properly and the however unlikely it may be, that something is up with the SMTP on Google's side for there to be an intermittent problem.
Going to try and call Google support now since no one is responding to my open ticket on this.
Going to try and call Google support now since no one is responding to my open ticket on this.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Here is what one of the packets looks like from google in response:
IP Packet Header
IP Type: TCP(0x6), Src=[74.125.91.27], Dst=[192.168.18.50]
TCP Packet Header
TCP Flags = [ACK,FIN,], Src=[25], Dst=[1205], Checksum=0xa7b9
Application Header
Smtp
Value:[0]
Forwarded 0:0)
IP Packet Header
IP Type: TCP(0x6), Src=[74.125.91.27], Dst=[192.168.18.50]
TCP Packet Header
TCP Flags = [ACK,FIN,], Src=[25], Dst=[1205], Checksum=0xa7b9
Application Header
Smtp
Value:[0]
Forwarded 0:0)
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ok i think i have it fixed.
Since the copier could not receive the google error, you would never get it. But I went and added our static IP to the whitelist in google apps.
This has been work for a year and half and why all of sudden this would have been a problem now, I have no idea.
No doubt I would have figured this out sooner, had Google responded to any of the inquiries, but I appreciate everyone that pitched in.
Since the copier could not receive the google error, you would never get it. But I went and added our static IP to the whitelist in google apps.
This has been work for a year and half and why all of sudden this would have been a problem now, I have no idea.
No doubt I would have figured this out sooner, had Google responded to any of the inquiries, but I appreciate everyone that pitched in.
ASKER
carlmd gave me the idea to look at the packets in fuller detail again. I could see successfully that the packets were sending and receiving properly from our copier and to the google smtp server.
But it wasnt until i did a hex dump of the incoming packets did i see there was an error message in there from google. The google error message was not at all indicitive of the actual problem on the google side i was able to deduce the issue that the static IP from our side (which had been working for 1.5 years) was being sporadically blocked on the google side.
Thanks to all that pitched in to help track this down.
But it wasnt until i did a hex dump of the incoming packets did i see there was an error message in there from google. The google error message was not at all indicitive of the actual problem on the google side i was able to deduce the issue that the static IP from our side (which had been working for 1.5 years) was being sporadically blocked on the google side.
Thanks to all that pitched in to help track this down.
Is it only the copier/scanner that stops working, or all pc's have connectivity issues?