Re: Netgear routes can't send SMTP logs any longer

The reason I don't suspect the boxes is because it happened all of a sudden
to more than one. One of them even has a different Rev of firmware. I have
even reset the boxes to the factory defaults and still no go.



"Rich Matheisen [MVP]" <richnews@xxxxxxxxxxxxxxxxxxxxx> wrote in message
news:06m3m3huj2h7raqtsrp0stqbq5d3eqk99k@xxxxxxxxxx
"Jordan" <nospam@xxxxxxxx> wrote:

Something changed on my Exchange 2003 server since applying SP2 several
months ago. I used to have 3 netgear firewall boxes send me the logs
daily
by SMTP but that has stopped working.

When I check the current connections on the SMTP connector I can see that
when the router tries to send the logs it connect for exactly 60 seconds
then disconnects.

I have tried to monitor the connection via Ethereal between the device and
the Exchange server and it looks like it makes it through HELO, MAIL FROM,
and RCPT TO fine. After the response packet from the Exchange server from
the RCPT TO command there is one more smtp [ACK] packet from the firewall
box to the exchange server. and then it just sits there for 60 seconds
until
I get a [FIN, ACK] packet again from the firewall to the Exchange Server.

So, if the response to the RCPT TO command is "250", and the firewall
receives that okay, why doesn't the firewall send the DATA command?

Since it's only those boxes that seem to have a problem it would make
sense to move the troubleshooting to them. Do they record the SMTP
conversation? Do they see the 250 response to the RCPT TO command? If
they do, why no DATA command?

--
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm
Don't send mail to this address mailto:h.pott@xxxxxxxxxxxxx
Or to these, either: mailto:h.pott@xxxxxxxxxxxxxxx
mailto:melvin.mcphucknuckle@xxxxxxxxxxxxx
mailto:melvin.mcphucknuckle@xxxxxxxxxxxxxxx




.

Relevant Pages

  • Re: Netgear routes cant send SMTP logs any longer
    ... I used to have 3 netgear firewall boxes send me the logs daily ... by SMTP but that has stopped working. ... the Exchange server and it looks like it makes it through HELO, MAIL FROM, ... So, if the response to the RCPT TO command is "250", and the firewall ...
    (microsoft.public.exchange.admin)
  • Re: Suggest firewall for Win98se+ICS(dialup)+NAV
    ... to go out and buy all new boxes capable of running Win 2000 Pro or Win XP ... |> either disable the firewall or otherwise change its settings. ... vulnerability in a small business environment is from the inside, ... Any disgruntled Win 98 SE user can obviously walk in and install something ...
    (comp.security.firewalls)
  • Re: [fw-wiz] segmentation of DMZs
    ... public as well as private boxes. ... In fact, separate zones can make some things easier, for instance when ... as they pass through the firewall, so that the response always passes ... "open ports x,y,z and 1024-65535 in both directions", etc. ...
    (Firewall-Wizards)
  • Fwd: Re: [Full-Disclosure] Microsoft urging users to buy Harware Firewalls
    ... In my exprerience, these boxes just work. ... So why should we have to stick a firewall in front of a machine ... NAT boxes and hardware firewalls are tools. ... I myself put my windows boxes ...
    (Full-Disclosure)
  • Re: who flags on OSR5
    ... logged in user with command: ... On a box with about 220 users, all but 5 remote in terms of being not within ... Checking a few other smaller boxes shows almost the same thing. ... Sometimes my own ssh session shows up, sometimes nothing at all is retruned ...
    (comp.unix.sco.misc)