Since we lost the password for our WAN Checkpoint FW, I am replacing it with an ASA5505. To start with, I am keeping it wide open “permit ip any any” as it is a secured private MPLS between our sites only. Everything is working fine, can ping systems between sites and RDP computers etc… except that our MS Exchange Server is not working or communicating with the primary exchange server in the other site to send or receive any emails… But I can ping and RDP both servers from both ends.
Since it is wide open (“permit ip any any”), is there anything else I need to permit/configure in the ASA 5505 for the MS Exchange traffic to pass through?
conf t
policy-map global_policy
class inspection_default
no inspect esmtp
--------------------------
access-list FromOutside extended permit ip any any
access-list FromOutside extended permit esp any any
access-list FromOutside extended permit udp any eq isakmp any
access-list FromOutside extended permit udp any eq 4500 any
access-list FromInside extended permit ip any any
************************
global (outside) 1 interface
nat (inside) 0 access-list nonat_acl
access-group FromInside in interface inside
access-group FromOutside in interface outside
**************************
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect netbios
  inspect rsh
  inspect rtsp
  inspect skinny
  inspect sqlnet
  inspect sunrpc
  inspect tftp
  inspect sip
  inspect xdmcp
!
service-policy global_policy global
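
A way to confirm the symptom that `no inspect esmtp` addresses, as an added example that is not part of the original thread: by default the ASA's ESMTP inspection masks the server's 220 banner with asterisks and overwrites EHLO extension keywords it does not support with X characters. The function name and both transcripts are constructed for illustration, and the STARTTLS check assumes the server normally advertises it.

```python
import re

# Constructed server replies as seen through a firewall doing ESMTP inspection.
SAMPLE_INSPECTED = """\
220 ***************************************2******0*****
250-mail.example.test Hello [192.0.2.10]
250-SIZE 10485760
250-XXXXXXXA
250-XXXXXXXXXXXX
250 OK
"""

# Constructed replies from the same kind of server reached without inspection.
SAMPLE_DIRECT = """\
220 mail.example.test Microsoft ESMTP MAIL Service ready
250-mail.example.test Hello [192.0.2.10]
250-SIZE 10485760
250-STARTTLS
250-X-EXPS GSSAPI NTLM
250 OK
"""

# SMTP reply line: 3-digit code, '-' (continued) or ' ' (last line), then text.
REPLY = re.compile(r"^(\d{3})([ -])(.*)$")

def inspection_signs(transcript):
    """Return findings suggesting SMTP replies were rewritten in transit."""
    findings, keywords = [], []
    for line in transcript.splitlines():
        m = REPLY.match(line.strip())
        if not m:
            continue
        code, _, text = m.groups()
        if code == "220" and text and text.count("*") / len(text) > 0.5:
            findings.append("banner masked with asterisks")
        elif code == "250" and text:
            # First token of each EHLO reply line is the extension keyword.
            keywords.append(text.split()[0].upper())
    # Real extensions (X-EXPS, XEXCH50, ...) never begin with four or more X's.
    masked = [k for k in keywords if re.match(r"X{4,}", k)]
    if masked:
        findings.append(f"{len(masked)} EHLO keyword(s) overwritten with X")
    if keywords and "STARTTLS" not in keywords:
        findings.append("STARTTLS not advertised")  # heuristic, see lead-in
    return findings
```

Feed it the server side of a `telnet <server> 25` session taken from the remote site before and after the policy change; an empty list means none of the three signs were seen.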