CT08
asked on
Windows Firewall Dropping Allowed Packets
We have a problem whereby Altaro VMBackup will not send an email notification.
I found that if I turn off Windows Firewall on the Server then the email sends ok. I don't want to leave Windows firewall turned off due to the current configuration of the Server (I won't go into that now) so I tried allowing port 25 Outbound on the firewall for any profile from any source to any destination. This did not work.
If I turn on Windows Firewall Logging for dropped packets then is shows quite clearly that the packet has been dropped:
2016-07-12 16:54:19 DROP TCP ###.###.##.## ###.###.###.## 56460 25 0 - 0 0 0 - - - SEND
I though that maybe the APP needed to be allowed too so I allowed every .exe associated with the program out through the firewall for any profile, from any source to any destination. Still no luck.
Please help!
I found that if I turn off Windows Firewall on the Server then the email sends ok. I don't want to leave Windows firewall turned off due to the current configuration of the Server (I won't go into that now) so I tried allowing port 25 Outbound on the firewall for any profile from any source to any destination. This did not work.
If I turn on Windows Firewall Logging for dropped packets then is shows quite clearly that the packet has been dropped:
2016-07-12 16:54:19 DROP TCP ###.###.##.## ###.###.###.## 56460 25 0 - 0 0 0 - - - SEND
I though that maybe the APP needed to be allowed too so I allowed every .exe associated with the program out through the firewall for any profile, from any source to any destination. Still no luck.
Please help!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Also, the above comment was from me, forgot to sign in before posting!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Qlemo,
There is no SMTP Drop rule set up, only an allow one.
There is no SMTP Drop rule set up, only an allow one.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Qlemo,
It clicked when reading your last comment! I found a bunch of deny rules with spurious names. I expanded some of the columns and found that they were blocking traffic from the program that was trying to send the email! I have disabled these rules and the test email works fine now.
Thanks a lot for your help, though this was a "couldn't see for looking" kind of issue :-)
It clicked when reading your last comment! I found a bunch of deny rules with spurious names. I expanded some of the columns and found that they were blocking traffic from the program that was trying to send the email! I have disabled these rules and the test email works fine now.
Thanks a lot for your help, though this was a "couldn't see for looking" kind of issue :-)
Yes, I set port 25 as the destination port, from any source port.
The strange this is, if I allow all ports inbound and outbound (any port, any source, any destination, any program), so essentially turning Windows firewall off, it still drops packets on port 25.
You're right, it is better to control outbound, especially in the case of port 25. With our mail systems I try to make sure that port 25 is only allowed from the sending Server to the relay, which is what I'm trying to do here.