I've been busy whole weekend configuring an ASA 5505 with Sec+ lic. I have put my OWA (https) en UTM (smtp) in the DMZ. It all works, I can access webmail and the mail flows in and out, but when I check for open ports on the website www.grc.com
with ShieldsUP! ports 25 and 443 are shown open on the inside. In the DMZ that should be normal, but on the inside they should be stealh in my opinion. Also the Ping reply check fails. I'm getting the message: "Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet." I thought this was default behaviour of the ASA not replying on ping?
With my previous router (CopperJet 1622) I created a similar situation and al was in Stealth mode.
When I disconnect the DMZ cable from the ASA and run the test again, all ports show Stealth but the message aboout relying to Ping remains.
Could you expersts have a look at my config and see what I have misconfigured? I am on ASA version 8.2(1) and ASDM 6.2(1).
Attached to this post you'll find my current config attached (Asa5505-EE.txt)
Thanks in advance! Your help is highly appreciated!