C Panel Emails are not working behind the fortinet firewall Model:-300C
Hi Experts,
last 2 weeks i have facing the connectivity problem with my cloud email server.
i have make the policy of email ports like pop3 , smtp and other email ports allow in entire users.
but sometime it's working and sometimes not working inside firewall network. if i have connect my laptop outside the firewall network at that time emails are working smoothly.
we are using the outlook for email access.
pl. help me on this problem what should i do to resolved that problem?
last 2 weeks i have facing the connectivity problem with my cloud email server.
i have make the policy of email ports like pop3 , smtp and other email ports allow in entire users.
but sometime it's working and sometimes not working inside firewall network. if i have connect my laptop outside the firewall network at that time emails are working smoothly.
we are using the outlook for email access.
pl. help me on this problem what should i do to resolved that problem?
ASKER
Dear Shaun Vermaak,
Thank for your Reply......
As you mention port, i have verify in my allow list and found that some port (2525,2526 and 587) is not in allow list, now i have put on allow list but still not working.
how to find out the email host can be distributed on various actual hosts.
pl. guide me on same.....and also i have attached the outlook error MSG.
Thanks
Ajay Panchal
Outlook-error-MSG.jpg
Thank for your Reply......
As you mention port, i have verify in my allow list and found that some port (2525,2526 and 587) is not in allow list, now i have put on allow list but still not working.
how to find out the email host can be distributed on various actual hosts.
pl. guide me on same.....and also i have attached the outlook error MSG.
Thanks
Ajay Panchal
Outlook-error-MSG.jpg
ASKER
Dear Shaun Vermaak,
To overcome, inside the firewall network i'm able to ping my email server and also try to nslookup to my emails server that time also response was received.
if my laptop is out of firewall network at this time in outlook able to received mails and sending emails but i have connect my laptop inside the firewall network at this time is not working and i never understand what is the problem behind that issue.
Thanks
Ajay Panchal
To overcome, inside the firewall network i'm able to ping my email server and also try to nslookup to my emails server that time also response was received.
if my laptop is out of firewall network at this time in outlook able to received mails and sending emails but i have connect my laptop inside the firewall network at this time is not working and i never understand what is the problem behind that issue.
Thanks
Ajay Panchal
Please telnet to 109.75.160.223 on the ports mention. Check if any of them don't work
ASKER
Not able to telnet to host. below mentions error received while trying to telnet but 2 days back the mails are working smoothly inside the firewall network.
C:\>telnet 109.75.160.223
Connecting To 109.75.160.223...Could not open connection to the host, on port 23: Connect failed
C:\>telnet 109.75.160.223 110
Connecting To 109.75.160.223...Could not open connection to the host, on port 110: Connect failed
C:\>telnet 109.75.160.223 25
Connecting To 109.75.160.223...Could not open connection to the host, on port 25: Connect failed
C:\>telnet 109.75.160.223 465
Connecting To 109.75.160.223...Could not open connection to the host, on port 465: Connect failed
C:\>telnet 109.75.160.223 993
Connecting To 109.75.160.223...Could not open connection to the host, on port 993: Connect failed
C:\>telnet 109.75.160.223 587
Connecting To 109.75.160.223...Could not open connection to the host, on port 587: Connect failed
C:\>telnet 109.75.160.223 2525
Connecting To 109.75.160.223...Could not open connection to the host, on port 2525: Connect failed
C:\>telnet 109.75.160.223 2526
Connecting To 109.75.160.223...Could not open connection to the host, on port 2526: Connect failed
C:\>telnet 109.75.160.223
Connecting To 109.75.160.223...Could not open connection to the host, on port 23: Connect failed
C:\>telnet 109.75.160.223 110
Connecting To 109.75.160.223...Could not open connection to the host, on port 110: Connect failed
C:\>telnet 109.75.160.223 25
Connecting To 109.75.160.223...Could not open connection to the host, on port 25: Connect failed
C:\>telnet 109.75.160.223 465
Connecting To 109.75.160.223...Could not open connection to the host, on port 465: Connect failed
C:\>telnet 109.75.160.223 993
Connecting To 109.75.160.223...Could not open connection to the host, on port 993: Connect failed
C:\>telnet 109.75.160.223 587
Connecting To 109.75.160.223...Could not open connection to the host, on port 587: Connect failed
C:\>telnet 109.75.160.223 2525
Connecting To 109.75.160.223...Could not open connection to the host, on port 2525: Connect failed
C:\>telnet 109.75.160.223 2526
Connecting To 109.75.160.223...Could not open connection to the host, on port 2526: Connect failed
All of these 25, 110, 465, 993 work from my side, the rest are not used. You are definitely being blocked by a network or host-based firewall.
Can you export your Fortinet rules so that I can check?
Can you export your Fortinet rules so that I can check?
ASKER
in firewall i have create the one group as email access and add all service port as you mention and add one policy and sources is all (my lan network) and destination all and services is emails access as i have created and no any security profile was apply for this policy.
can we take a remote session with Teamviewer or Anydesk is it possible for you?
can we take a remote session with Teamviewer or Anydesk is it possible for you?
ASKER
Dear Shaun Vermaak,
Pl. guide me on this problem.....
Pl. guide me on this problem.....
Hello Ajay,
If you are getting "Connect failed" error on telnet means traffic is blocked from your system itself. If it takes a while means connection is blocked on network level.
Can you sniff the traffic on FortiGate to see if the traffic is blocked by FortiGate or traffic itself is not reaching the FortiGate.
Sniff command: #diag sniffer packet any 'host your-system-ip and port 110' 4
Do telnet to server on port 110 Capture the sniffer output using putty and paste here.
Good Luck!
If you are getting "Connect failed" error on telnet means traffic is blocked from your system itself. If it takes a while means connection is blocked on network level.
Can you sniff the traffic on FortiGate to see if the traffic is blocked by FortiGate or traffic itself is not reaching the FortiGate.
Sniff command: #diag sniffer packet any 'host your-system-ip and port 110' 4
Do telnet to server on port 110 Capture the sniffer output using putty and paste here.
Good Luck!
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
25, 110, 465, 587, 993, 2525, 2526
Also, the email host can be distributed on various actual hosts and if not all of them are allowed, you will get intermittent connection problems.