Solved

Cisco ASA 5505 and MS Exchange Server

Posted on 2013-01-03
4
1,092 Views
Last Modified: 2013-01-04
Since we lost the password for our WAN Checkpoint FW, I am replacing it with an ASA5505. To start with, I keeping it wide open “permit ip any any” as it is a secured private MPLS between our sits only. Everything is working fine, can ping systems between sites and RDP computers etc… except that our MS Exchange Server not working or communicating with the primary exchange server in other site to send or receive any emails… But I can ping and RDP both servers from both end.

Since it is wide open “permit ip any any”; anything else I need to permit/configure in ASA 5505 for the MS Exchange traffic to pass through?
0
Comment
Question by:mkanagar
  • 3
4 Comments
 
LVL 12

Accepted Solution

by:
Gary Dewrell earned 300 total points
ID: 38741859
Could be the fixup protocal for smtp.
Take a look at this.

http://support.microsoft.com/kb/320027
0
 

Author Comment

by:mkanagar
ID: 38742024
Since ASA using "inspect" I tried the following, still not working..

conf t
policy-map global_policy
class inspection_default
no inspect esmtp

-----------------------------------



access-list FromOutside extended permit ip any any

access-list FromOutside extended permit esp any any

access-list FromOutside extended permit udp any eq isakmp any

access-list FromOutside extended permit udp any eq 4500 any

access-list FromInside extended permit ip any any


************************

global (outside) 1 interface

nat (inside) 0 access-list nonat_acl

access-group FromInside in interface inside

access-group FromOutside in interface outside

***************************

class-map inspection_default

 match default-inspection-traffic

!

!

policy-map type inspect dns preset_dns_map

 parameters

  message-length maximum 512

policy-map global_policy

 class inspection_default

  inspect dns preset_dns_map

  inspect ftp

  inspect h323 h225

  inspect h323 ras

  inspect netbios

  inspect rsh

  inspect rtsp
             
  inspect skinny

  inspect sqlnet

  inspect sunrpc

  inspect tftp

  inspect sip

  inspect xdmcp

!

service-policy global_policy global
0
 

Author Comment

by:mkanagar
ID: 38742055
Thanks gdewrell

Acutally it has to do with fixup/inspect. I just need to power off and power on after the changes.  It is working now.
0
 

Author Closing Comment

by:mkanagar
ID: 38742058
conf t
policy-map global_policy
class inspection_default
no inspect esmtp
wr

power off and on worked.  Thanks gdewrell.

http://support.microsoft.com/kb/161931
http://support.microsoft.com/kb/176466
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now