Re: Exchange and Firewall

From: Denis McDowell [MSFT] (denismcd_at_online.microsoft.com)
Date: 05/24/04


Date: Mon, 24 May 2004 15:18:27 -0400

Exchange will accept mail as long as the TCP connection and the SMTP
transaction reach the server. In this case, the firewall is somehow
preventing mail flow.

-- 
Denis McDowell [MSFT]
"Danny Sanders" <Danny.Sanders@cpcNOmedSPAM.org> wrote in message
news:%23RCDB$aQEHA.2468@tk2msftngp13.phx.gbl...
> We are running Exchange 2000 on Windows 2000 advanced server. We had been
> running a Netscreen 10 firewall to protect the network. Last week we got a
> Cisco Pix 506E to replace the Netscreen 10. I was able to get the Cisco 506E
> configured to the point where we were able to browse the Internet and send
> e-mail. With the Cisco Pix installed and using Cisco tech support (2
> different techs).
> The Cisco techs used telnet to get into the firewall and checked the config.
> According to the Cisco techs everything is set up correctly for our internal
> email server to receive email on its "public IP address" and forwarded to
> the Exchange server on our private network.
>
> The problem is we still cannot receive email. If I change the firewall back
> to the Netscreen, we get email. The Cisco tech used telnet to access the
> Exchange server with the Netscreen firewall in place and is able to connect.
> Using telnet with the Cisco firewall in place results in a build of the
> inbound connection immediately followed by a tear down, duration is 0:00:00
> and the server sends a FIN.
>
> Here is an excerpt of the log Cisco sent with the internal & external IP
> addresses changed:
>
>
> 302013: Built inbound TCP connection 1543 for outside:218.54.27.20/3382
> (218.54.27.20/3382) to inside:X.X.X.X/25 (67.95.237.52/25)
>
> 302014: Teardown TCP connection 1543 for outside:218.54.27.20/3382 to
> inside:X.X.X.X/25 duration 0:00:00 bytes 0 TCP FINs
>
> 111009: User 'enable_15' executed cmd: show logging
>
> 302015: Built outbound UDP connection 1544 for outside:209.116.241.10/53
> (209.116.241.10/53) to inside:X.X.X.X/31232 (67.95.237.52/31232)
>
> 302016: Teardown UDP connection 1544 for outside:209.116.241.10/53 to
> inside:X.X.X.X/31232 duration 0:00:01 bytes 183
>
> 302015: Built outbound UDP connection 1545 for outside:209.116.241.10/53
> (209.116.241.10/53) to inside:X.X.X.X/31233 (67.95.237.52/31233)
>
> 302016: Teardown UDP connection 1545 for outside:209.116.241.10/53 to
> inside:X.X.X.X/31233 duration 0:00:01 bytes 202
>
> 302015: Built outbound UDP connection 1546 for outside:209.116.241.10/53
> (209.116.241.10/53) to inside:X.X.X.X/31234 (67.95.237.52/31234)
>
> 302016: Teardown UDP connection 1546 for outside:209.116.241.10/53 to
> inside:X.X.X.X/31234 duration 0:00:01 bytes 186
>
>
>
> Any Ideas why Exchange will accept email through the Netscreen Firewall and
> Not the Cisco Pix?
>
>
>
> TIA
>
> DDS
>
>
>
>
>
>
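
One way to pick the symptom described in the quoted post out of a PIX log, as an added example that is not part of the original thread: pair each 302013 build record with its 302014 teardown and report inbound port-25 sessions that closed with zero bytes. The sample log is constructed (documentation-range addresses), the function name is hypothetical, and the parser assumes one syslog message per line.

```python
import re

# Constructed sample modelled on the excerpt in the post; addresses are
# documentation ranges, not values from the thread.
SAMPLE_LOG = """\
302013: Built inbound TCP connection 1543 for outside:203.0.113.20/3382 (203.0.113.20/3382) to inside:192.0.2.10/25 (198.51.100.52/25)
302014: Teardown TCP connection 1543 for outside:203.0.113.20/3382 to inside:192.0.2.10/25 duration 0:00:00 bytes 0 TCP FINs
302015: Built outbound UDP connection 1544 for outside:203.0.113.53/53 (203.0.113.53/53) to inside:192.0.2.10/31232 (198.51.100.52/31232)
302016: Teardown UDP connection 1544 for outside:203.0.113.53/53 to inside:192.0.2.10/31232 duration 0:00:01 bytes 183
302013: Built inbound TCP connection 1547 for outside:203.0.113.77/4021 (203.0.113.77/4021) to inside:192.0.2.10/25 (198.51.100.52/25)
302014: Teardown TCP connection 1547 for outside:203.0.113.77/4021 to inside:192.0.2.10/25 duration 0:00:04 bytes 2310 TCP FINs
"""

BUILT = re.compile(
    r"302013: Built (inbound|outbound) TCP connection (\d+) for "
    r"(\w+):(\S+)/(\d+) \(\S+\) to (\w+):(\S+)/(\d+)")
TEARDOWN = re.compile(
    r"302014: Teardown TCP connection (\d+) .*?"
    r"duration (\d+):(\d\d):(\d\d) bytes (\d+)\s*(.*)")


def empty_sessions(log_text, port=25):
    """Inbound TCP sessions to `port` that were torn down with zero bytes."""
    pending, findings = {}, []
    for line in log_text.splitlines():
        m = BUILT.search(line)
        if m:
            # Remember only inbound builds aimed at the port of interest.
            if m.group(1) == "inbound" and int(m.group(8)) == port:
                pending[m.group(2)] = {"conn": int(m.group(2)),
                                       "client": m.group(4),
                                       "server": m.group(7)}
            continue
        m = TEARDOWN.search(line)
        if m and m.group(1) in pending:
            rec = pending.pop(m.group(1))
            h, mi, s = (int(m.group(i)) for i in (2, 3, 4))
            if int(m.group(5)) == 0:  # no payload crossed the firewall
                rec["seconds"] = h * 3600 + mi * 60 + s
                rec["reason"] = m.group(6).strip()
                findings.append(rec)
    return findings


if __name__ == "__main__":
    for rec in empty_sessions(SAMPLE_LOG):
        print(rec)
```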

