Link to home
Start Free TrialLog in
Avatar of ryanthompson
ryanthompson

asked on

Connection problems with Port 25 over a Point to Point VPN Connection

I have a basic network\wan\VPN setup.  An Exchange 2010 server is in our main office.  All remote offices are connected to the main office via a VPN.  Cisco ASA's are used at all locations.  
What we are wanting to do is setup the Scan to Email feature on our LaserJet MFP M525s.  I configure IP and SMTP settings on the LaserJet at a remote office and can ping the email server and vise versa.  But the SMTP settings fail the tests.  I try to telnet to port 25 on the Exchange server and it times out and fails.  I have the same LaserJet at our main office and configure it the same way it works just fine.  I can telnet to port 25 on the exchange server at our main office.  
I'm assuming that this is why SMTP settings fail on the MFP's at the remote sites.  I have checked firewall rules and about everything else I can think of.  I'm hoping someone here has some ideas.  Let me know if more info is needed and I'll get it to you.  

Thanks!
Avatar of mds-cos
mds-cos
Flag of United States of America image

There is nothing inherent to the VPN connection that would interfere with SMTP IP traffic to port 25.  You are definitely on the right track though by doing the telnet test.  Your assumption is correct -- if you cannot establish a connection to port 25 your SMTP setup on the printer will fail.

Does all other traffic across the VPN work?  Can you post your rule set and VPN configs (purged, of course, from IP and username/pw/other secure info)?
Avatar of ryanthompson
ryanthompson

ASKER

All other traffic works.  I can telnet to port 80 and 443 on the email server.  It's just port 25 that is giving me fits.  I'm working on getting the configs.
Avatar of Simon Butler (Sembee)
That will be the modern equivilent of fixup SMTP. It even causes problems with SMTP traffic.
http://semb.ee/fixupsmtp

You need to get it disabled on the Cisco devices.

Simon.
Simon - I stumbled across an article drescribing that.  I disabled it.  ESMTP doesn't show in the "inspect" list in my config.
You can soon check.
Telnet from the remote site to your Exchange server on port 25. Issue an ehlo command. If anything has xxxx on it, then it is still being blocked.

Simon.
I can't telnet to port 25 on the Exchange server from a remote site.
That means something is blocking the traffic.
AV, antispam are the usual targets, but I would still point the finger at the Cisco devices. I used to run a Cisco VPN myself and dumped it because it because it was too complex to manage.

Simon.
Simon - I agree.  I've disable the AV software and the windows firewall.  I think it's the Cisco devices.  I just can't figure out why and it's getting frustrating.

Thanks!
ASKER CERTIFIED SOLUTION
Avatar of Simon Butler (Sembee)
Simon Butler (Sembee)
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial