Exchange and Firewall

From: Danny Sanders (Danny.Sanders_at_cpcNOmedSPAM.org)
Date: 05/24/04


Date: Mon, 24 May 2004 10:52:01 -0600

We are running Exchange 2000 on Windows 2000 Advanced Server. We had been
running a Netscreen 10 firewall to protect the network. Last week we got a
Cisco Pix 506E to replace the Netscreen 10. I was able to get the Cisco 506E
configured to the point where we were able to browse the Internet and send
e-mail with the Cisco Pix installed, using Cisco tech support (2 different
techs).
The Cisco techs used telnet to get into the firewall and checked the config.
According to the Cisco techs, everything is set up correctly for our internal
email server to receive email on its "public IP address" and forward it to
the Exchange server on our private network.

The problem is we still cannot receive email. If I change the firewall back
to the Netscreen, we get email. The Cisco tech used telnet to access the
Exchange server with the Netscreen firewall in place and was able to connect.
Using telnet with the Cisco firewall in place results in a build of the
inbound connection immediately followed by a teardown; the duration is 0:00:00
and the server sends a FIN.

Here is an excerpt of the log Cisco sent, with the internal & external IP
addresses changed:

302013: Built inbound TCP connection 1543 for outside:218.54.27.20/3382 (218.54.27.20/3382) to inside:X.X.X.X/25 (67.95.237.52/25)

302014: Teardown TCP connection 1543 for outside:218.54.27.20/3382 to inside:X.X.X.X/25 duration 0:00:00 bytes 0 TCP FINs

111009: User 'enable_15' executed cmd: show logging

302015: Built outbound UDP connection 1544 for outside:209.116.241.10/53 (209.116.241.10/53) to inside:X.X.X.X/31232 (67.95.237.52/31232)

302016: Teardown UDP connection 1544 for outside:209.116.241.10/53 to inside:X.X.X.X/31232 duration 0:00:01 bytes 183

302015: Built outbound UDP connection 1545 for outside:209.116.241.10/53 (209.116.241.10/53) to inside:X.X.X.X/31233 (67.95.237.52/31233)

302016: Teardown UDP connection 1545 for outside:209.116.241.10/53 to inside:X.X.X.X/31233 duration 0:00:01 bytes 202

302015: Built outbound UDP connection 1546 for outside:209.116.241.10/53 (209.116.241.10/53) to inside:X.X.X.X/31234 (67.95.237.52/31234)

302016: Teardown UDP connection 1546 for outside:209.116.241.10/53 to inside:X.X.X.X/31234 duration 0:00:01 bytes 186

Any ideas why Exchange will accept email through the Netscreen firewall and
not the Cisco Pix?

TIA

DDS
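The following Python is an added example and is not part of the original post or of any Cisco tooling. It correlates the PIX 302013 (TCP built) and 302014 (TCP teardown) syslog messages by connection ID and flags inbound connections to the SMTP port that are torn down with zero bytes transferred, which is the symptom described in the post (a session that is built and immediately closed is the firewall or the server dropping the SMTP conversation before any banner is exchanged). The regular expressions are written from the field layout visible in the excerpt above and are an assumption about that layout; the sample input reuses the excerpt with the e-mail line wrapping removed, plus one constructed healthy session (connection 1600, client 192.0.2.10) for contrast.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Field layout assumed from the PIX excerpt in the post; other PIX/ASA
# versions may differ slightly, so adjust the patterns if they do not match.
BUILT_RE = re.compile(
    r"302013: Built (?P<direction>inbound|outbound) TCP connection (?P<conn>\d+) "
    r"for outside:(?P<src>[^/]+)/(?P<sport>\d+) \([^)]*\) "
    r"to inside:(?P<dst>[^/]+)/(?P<dport>\d+) \((?P<mapped>[^/]+)/\d+\)"
)
TEARDOWN_RE = re.compile(
    r"302014: Teardown TCP connection (?P<conn>\d+) for outside:\S+ to inside:\S+ "
    r"duration (?P<h>\d+):(?P<m>\d+):(?P<s>\d+) bytes (?P<nbytes>\d+)"
    r"(?: (?P<reason>.+))?$"
)


@dataclass
class Flow:
    """One TCP connection as seen by the PIX, filled in from build + teardown."""
    conn: str
    direction: str
    src: str
    sport: int
    dst: str          # real inside address (anonymised as X.X.X.X in the post)
    dport: int
    mapped: str       # public address the PIX translated to
    duration: Optional[int] = None   # seconds; None until the teardown is seen
    nbytes: Optional[int] = None
    reason: Optional[str] = None


def correlate(lines: List[str]) -> List[Flow]:
    """Pair 302013/302014 messages by connection ID, ignoring non-TCP lines."""
    flows: Dict[str, Flow] = {}
    for line in lines:
        m = BUILT_RE.search(line)
        if m:
            flows[m["conn"]] = Flow(
                m["conn"], m["direction"], m["src"], int(m["sport"]),
                m["dst"], int(m["dport"]), m["mapped"],
            )
            continue
        m = TEARDOWN_RE.search(line)
        if m and m["conn"] in flows:
            f = flows[m["conn"]]
            f.duration = int(m["h"]) * 3600 + int(m["m"]) * 60 + int(m["s"])
            f.nbytes = int(m["nbytes"])
            f.reason = m["reason"]
    return list(flows.values())


def dead_inbound_flows(lines: List[str], port: int = 25, max_bytes: int = 0) -> List[Flow]:
    """Inbound connections to `port` that were torn down with at most `max_bytes` bytes.

    A healthy SMTP session carries at least the server banner, so a zero-byte
    inbound flow on port 25 means the conversation never started.
    """
    return [
        f for f in correlate(lines)
        if f.direction == "inbound" and f.dport == port
        and f.nbytes is not None and f.nbytes <= max_bytes
    ]


# Sample input: the post's excerpt with line wrapping removed, plus one
# constructed healthy session (conn 1600) so the filter has something to pass.
SAMPLE_LOG = [
    "302013: Built inbound TCP connection 1543 for outside:218.54.27.20/3382 (218.54.27.20/3382) to inside:X.X.X.X/25 (67.95.237.52/25)",
    "302014: Teardown TCP connection 1543 for outside:218.54.27.20/3382 to inside:X.X.X.X/25 duration 0:00:00 bytes 0 TCP FINs",
    "111009: User 'enable_15' executed cmd: show logging",
    "302015: Built outbound UDP connection 1544 for outside:209.116.241.10/53 (209.116.241.10/53) to inside:X.X.X.X/31232 (67.95.237.52/31232)",
    "302016: Teardown UDP connection 1544 for outside:209.116.241.10/53 to inside:X.X.X.X/31232 duration 0:00:01 bytes 183",
    "302013: Built inbound TCP connection 1600 for outside:192.0.2.10/40000 (192.0.2.10/40000) to inside:X.X.X.X/25 (67.95.237.52/25)",
    "302014: Teardown TCP connection 1600 for outside:192.0.2.10/40000 to inside:X.X.X.X/25 duration 0:00:04 bytes 2310 TCP FINs",
]

if __name__ == "__main__":
    for f in dead_inbound_flows(SAMPLE_LOG):
        print(f"conn {f.conn}: {f.src}:{f.sport} -> {f.mapped}:{f.dport} "
              f"closed after {f.duration}s with {f.nbytes} bytes ({f.reason})")
```

Run against a `show logging` dump (one message per line), the script reports only the inbound port-25 sessions that died with nothing on the wire; in the excerpt that is connection 1543, while the constructed connection 1600 passes because it moved 2310 bytes. Note that the UDP 302015/302016 lines from the post are not matched by the TCP patterns and are simply skipped.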
