[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Sporadic connectivity issues with GMAIL SMTP server with Sonicwall TZ210

Posted on 2011-10-13
22
Medium Priority
?
1,851 Views
Last Modified: 2012-05-12
On Monday night I installed a new TZ210 sonicwall to replace a TZ170.  Our company utilizes GMAIL for corporate email.  I am now having a sporadic issue where internal network devices that need to contact the GMAIL SMTP server work and then stop and then work again.

It is totally random how long the equipment will work.  The office copier/scanner will send scanned documents for hours and then it we get an error where the SMTP server cannot be reached.

The non-authenticated server for gmail is:  aspmx.l.google.com  
Even when the scanner cannot reach the SMTP server.  This also occurs randomly with the Sonicwall when trying to dump the email logs.  

 I can telnet on port 25 it still.  The firewall is not blocking the traffic.

 It is basic port 25 traffic as the scanner won't support SSL.

I have checked with Sonicwall tech support and they have verified my configuration on the firewall as well as stated that there are no known issues with the model.  I am running the latest firmware.  I did the upgrade last night after the initial config on Monday night to see if it would help.

I have also contacted Google support, but after their initial canned response on Tuesday, I have had zero feedback from them.

Has anyone seen this happen with google before or with a sonicwall device?  I found one other old posting of someone saying it was sporadic, but the question was never followed up on with a permanent solution.
0
Comment
Question by:jbmos2333
  • 14
  • 6
  • 2
22 Comments
 
LVL 20

Expert Comment

by:carlmd
ID: 36967765
Does anything show up in the Sonciwall logs when it stops working?

Is it only the copier/scanner that stops working, or all pc's have connectivity issues?
0
 

Author Comment

by:jbmos2333
ID: 36967816
Nope, nothing shows up in the sonicwall logs when it stops working.

There aren't any PC connectivity issues.  It is only the scanner and the sonicwall trying to reach Google's SMTP server for the corporate email.

I have sent 3 additional messages to Google support since Tuesday with still no further response.
0
 

Author Comment

by:jbmos2333
ID: 36967862
Just as an example.  Here is an excerpt from the copier/scan send log file to Google's SMTP server from yesterday.

I have attached a screenshot of part of the log file from yesterday.  Everywhere there is an NG with end code #899, the scanner could not reach the Google SMTP server.  During this same time the Sonicwall could not send its log file to the admin email account either.

And then it will just start working again later.  Its currently working right now as of 07:48 EST.
ScannerLog.png
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 20

Expert Comment

by:carlmd
ID: 36968046
Have you checked the network settings on the copier? Insuring that the gateway and dns settings are correct. Is the gateway set to the Sonicwall? Since you installed a new Sonicwall, I assume that the settings on the copier are the same, and this did not happen with the old Sonicwall. Correct?

Is the copier using smtp of your ISP directly, or is it passing through anything locally, like an exchange server?
0
 
LVL 4

Expert Comment

by:Christopher Raymond Mendoza
ID: 36968050
A similar scenario happened to one of my clients before. The cause of their problem was their DNS server.
0
 

Author Comment

by:jbmos2333
ID: 36968064
Oh yes.  I have checked and re-checked all of the settings multiple times.  We never had this happen with the old Sonicwall.  And all of the internal testing, telnet on port 25 to google passes every time.

The copier is using SMTP directly and not going through anything local.
0
 

Author Comment

by:jbmos2333
ID: 36968073
And its down again.
0
 
LVL 20

Expert Comment

by:carlmd
ID: 36968106
Have you powered cycled the copier since this started?

Do you have more than one of these copier devices or similar, and if so does the other one have the issue.

If you have the name of the smtp server in the settings of the copier try replacing that with the ip address 74.125.91.26 and see if that helps.
0
 

Author Comment

by:jbmos2333
ID: 36968119
No we only have the one copier, plus the firewall itself can't send the logs.

I have tried using the IP directly and it doesn't matter.

On my way into the office now to try and think of something else.
0
 
LVL 4

Expert Comment

by:Christopher Raymond Mendoza
ID: 36968163
I guess the best time to do a trace is when it is down. Maybe disconnect the copier and use that IP to run telnet and traceroute.
0
 
LVL 20

Expert Comment

by:carlmd
ID: 36968191
You could turn on the Sonciwall (System -> Packet Monitor) packet monitor to see exactly what is happening when the failure occurs. If you do this, post back the result.
0
 

Author Comment

by:jbmos2333
ID: 36968574
Yeah I am using packet monitor right now.  Problem is by the time that I made it back to the office, its working again, and all packets from the copier ip show forwarded.  

0
 

Author Comment

by:jbmos2333
ID: 36968606
When I worked with the sonicwall support team we ran into the problem where everything is working and the packets look good.

This morning when I saw the log file wasn't sending there wasn't anyone in the office yet to try the scanner out and I am only in the office a couple days a week.
0
 

Author Comment

by:jbmos2333
ID: 36969039
Ok finally have some proof that internally is working.  After sending 12 scans successfully it quit working again.

I have the packet monitor setup to check all traffic from the scanner IP address, and it shows all of them being forwarded out of the network.

No dropped packets at all.
0
 
LVL 20

Expert Comment

by:carlmd
ID: 36969196
So then the problem is with the SMTP gateway at google, OR....

Could the size of the message (scan) be too large?
Have you checked that?
0
 

Author Comment

by:jbmos2333
ID: 36969420
Size of my test messages were 700k.

Some others people have sent with no problem have been as large as 7 or 8 mb.

I have updated my case with Google again, but still no acknowledgment from them since Tuesday.
0
 

Author Comment

by:jbmos2333
ID: 36969649
I also just got off the phone with a second sonicwall tech to reverify my packet monitoring setup as well as overall configuration.  And he also agreed that everything on the firewall is correct, all traffic is being sent properly and the however unlikely it may be, that something is up with the SMTP on Google's side for there to be an intermittent problem.

Going to try and call Google support now since no one is responding to my open ticket on this.
0
 
LVL 20

Accepted Solution

by:
carlmd earned 2000 total points
ID: 36969656
Is your packet capture showing the smtp responses from google? If so, please post them for a failed transaction.
0
 

Author Comment

by:jbmos2333
ID: 36969975
Here is what one of the packets looks like from google in response:

IP Packet Header
 IP Type: TCP(0x6), Src=[74.125.91.27], Dst=[192.168.18.50]
TCP Packet Header
 TCP Flags = [ACK,FIN,], Src=[25], Dst=[1205], Checksum=0xa7b9
Application Header
 Smtp
Value:[0]
Forwarded 0:0)

0
 

Assisted Solution

by:jbmos2333
jbmos2333 earned 0 total points
ID: 36970014
I found the problem in the hex code of in the firewall.  Glad I looked there.  Anyone have any insight.

I never would get this message since the scanner can't receive email back.

450-4.2.1 prevents additional messages from being delivered. Please resend
> your
> 450-4.2.1 message at a later time. If the user is able to receive mail at
> that
> 450-4.2.1 time, your message will be delivered

I had to decipher this over multiple packets.  Never even thought to look at the HEX dump till now.

I can state, the the test account that I have been using receives about 100 emails a month.  That its.  Time to research this error now.

Thanks
0
 

Author Comment

by:jbmos2333
ID: 36970195
Ok i think i have it fixed.

Since the copier could not receive the google error, you would never get it.  But I went and added our static IP to the whitelist in google apps.

This has been work for a year and half and why all of sudden this would have been a problem now, I have no idea.

No doubt I would have figured this out sooner, had Google responded to any of the inquiries, but I appreciate everyone that pitched in.
0
 

Author Closing Comment

by:jbmos2333
ID: 37049329
carlmd gave me the idea to look at the packets in fuller detail again.  I could see successfully that the packets were sending and receiving properly from our copier and to the google smtp server.

But it wasnt until i did a hex dump of the incoming packets did i see there was an error message in there from google.  The google error message was not at all indicitive of the actual problem on the google side i was able to deduce the issue that the static IP from our side  (which had been working for 1.5 years) was being sporadically blocked on the google side.

Thanks to all that pitched in to help track this down.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you’re making plans to join the modern business race, you should analyze various details that may affect your results. Nowadays, millions of businesses are trying to grow into established and appreciated professional enterprises.
One-stop solution for Exchange Administrators to address all MS Exchange Server issues, which is known by the name of Stellar Exchange Toolkit.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month19 days, 3 hours left to enroll

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question