Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Cisco ASA 5505 blocking for smtp port 25?

Posted on 2013-06-11
4
Medium Priority
?
1,972 Views
Last Modified: 2013-06-13
Hi
I am new to Cisco, and do not understand command line or how to get access to it so need to do alterations via Graphical Interface. Hopefully someone can guide me :)

I have 2 mail servers

1 old that we want to remove as not supporting ssl/tls
On this one to send we use port 2225. Cisco Opens WAN:2225 to LAN:2225(spamfilter) that forwards to LAN:25(Imail)
This works fine

Now i want to setup 2nd server
I want to use port 25
so WAN:25 to LAN:25
However when setting this up in Outlook I can not get connection with port 25

The only way i can gain access is if i VPN into the Servers LAN, then use LANIP:25 it works

Therefore i concluded that fault is with cisco even through port 25 is open

Where do I start to look. Anyone has any suggestions how to PD this or how to allow port 25 through cisco using the graphical interface if thats the problem?

Thanks
Morten
0
Comment
Question by:morten444
  • 2
  • 2
4 Comments
 
LVL 10

Accepted Solution

by:
Senthil Kumar earned 2000 total points
ID: 39240651
You need to map the real server IP to a Virtual IP and forward the port 25 the virtual IP. Configuration explained in the below link


http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080862017.shtml
0
 

Author Comment

by:morten444
ID: 39241785
Hi Thanks for your reply
I am trying to follow to Grapical guide and I can add the smtp allow rule on top
Then i want to "insert after" and create the "any --> any less secure networks" to permit it

problem is that I have no idea how to find "any less secure networks" in the list of option
I onl have "any" and all the local servers and and all the interfaces on the cisco router
I just cant get the "any less secure  networks"

Any idea?
There are only webservers/mail servers behind this ciso, no office network

See attached how it is before i start to add my rule
When i add my rule  the one ith "any less secure networks" is removed.
Then when i add "insert after" i cant get it back, only any --> any
cisco-asa-5505.jpg
0
 
LVL 10

Expert Comment

by:Senthil Kumar
ID: 39243642
Create an Object for your mail server and select the destination as your Mail server object which u hv created.
0
 

Author Closing Comment

by:morten444
ID: 39243971
Hi Thanks for your reply
Not sure what solved it but solved.
I did not have to create anything extra in the end
I keept checking port 25 if open
The only thing i have is one access rule opening port 25 and one NAT from LAN to WAN

This is how it always was but for some reason it just started to work
Thanks for good and helpfull links anyway. Points given
cheers
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Powerful tools can do wonders, but only in the right hands.  Nowhere is this more obvious than with the cloud.
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question