Solved

Cisco ASA 5505 blocking for smtp port 25?

Posted on 2013-06-11
4
1,816 Views
Last Modified: 2013-06-13
Hi
I am new to Cisco, and do not understand command line or how to get access to it so need to do alterations via Graphical Interface. Hopefully someone can guide me :)

I have 2 mail servers

1 old that we want to remove as not supporting ssl/tls
On this one to send we use port 2225. Cisco Opens WAN:2225 to LAN:2225(spamfilter) that forwards to LAN:25(Imail)
This works fine

Now i want to setup 2nd server
I want to use port 25
so WAN:25 to LAN:25
However when setting this up in Outlook I can not get connection with port 25

The only way i can gain access is if i VPN into the Servers LAN, then use LANIP:25 it works

Therefore i concluded that fault is with cisco even through port 25 is open

Where do I start to look. Anyone has any suggestions how to PD this or how to allow port 25 through cisco using the graphical interface if thats the problem?

Thanks
Morten
0
Comment
Question by:morten444
  • 2
  • 2
4 Comments
 
LVL 10

Accepted Solution

by:
Senthil Kumar earned 500 total points
ID: 39240651
You need to map the real server IP to a Virtual IP and forward the port 25 the virtual IP. Configuration explained in the below link


http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080862017.shtml
0
 

Author Comment

by:morten444
ID: 39241785
Hi Thanks for your reply
I am trying to follow to Grapical guide and I can add the smtp allow rule on top
Then i want to "insert after" and create the "any --> any less secure networks" to permit it

problem is that I have no idea how to find "any less secure networks" in the list of option
I onl have "any" and all the local servers and and all the interfaces on the cisco router
I just cant get the "any less secure  networks"

Any idea?
There are only webservers/mail servers behind this ciso, no office network

See attached how it is before i start to add my rule
When i add my rule  the one ith "any less secure networks" is removed.
Then when i add "insert after" i cant get it back, only any --> any
cisco-asa-5505.jpg
0
 
LVL 10

Expert Comment

by:Senthil Kumar
ID: 39243642
Create an Object for your mail server and select the destination as your Mail server object which u hv created.
0
 

Author Closing Comment

by:morten444
ID: 39243971
Hi Thanks for your reply
Not sure what solved it but solved.
I did not have to create anything extra in the end
I keept checking port 25 if open
The only thing i have is one access rule opening port 25 and one NAT from LAN to WAN

This is how it always was but for some reason it just started to work
Thanks for good and helpfull links anyway. Points given
cheers
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now