Re: Exchange and Firewall
From: Danny Sanders (Danny.Sanders_at_cpcNOmedSPAM.org)
Date: 05/24/04
- Next message: Denis McDowell [MSFT]: "Re: Exchange and Firewall"
- Previous message: Don: "RE: Exchange via HTTP on the Internet"
- In reply to: Denis McDowell [MSFT]: "Re: Exchange and Firewall"
- Next in thread: Denis McDowell [MSFT]: "Re: Exchange and Firewall"
- Reply: Denis McDowell [MSFT]: "Re: Exchange and Firewall"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 24 May 2004 13:59:41 -0600
Thanks Denis.
On the Cisco PIX device manager, all references to our internal Exchange
server have the subnetmask as 255.255.255.255 and throws up errors when I
set them to 255.255.255.0. Would the incorrect subnetmask cause the
connection to fail?
Thanks
DDS
"Denis McDowell [MSFT]" <denismcd@online.microsoft.com> wrote in message
news:ujKhqPcQEHA.1960@TK2MSFTNGP10.phx.gbl...
> Exchange will accept mail as long as the TCP connection and the SMTP
> transaction reach the server. In this case, the firewall is somehow
> preventing maiflow.
>
>
>
> --
> Denis McDowell [MSFT]
> "Danny Sanders" <Danny.Sanders@cpcNOmedSPAM.org> wrote in message
> news:%23RCDB$aQEHA.2468@tk2msftngp13.phx.gbl...
> > We are running Exchange 2000 on Windows 2000 advanced server. We had
been
> > running a Netscreen 10 firewall to protect the network. Last week we got
a
> > Cisco Pix 506E to replace the Netscreen 10. I was able to get the Cisco
> 506E
> > configured to the point where we were able to browse the Internet and
send
> > e-mail. With the Cisco Pix installed and using Cisco tech support (2
> > different techs).
> > The Cisco techs used telnet to get into the firewall and checked the
> config.
> > According to the Cisco techs everything is setup correctly for our
> internal
> > email server to receive email on it's "public IP address" and forwarded
to
> > the Exchange server on our private network.
> >
> > The problem is we still can not receive email. If I change the firewall
> back
> > to the Netscreen, we get email. The Cisco tech used telnet to access the
> > Exchange server with the Netscreen firewall in place and is able to
> connect.
> > Using telnet with the Cisco firewall in place results in a build of the
> > inbound connection immediately followed by a tear down, duration is
> 0:00:00
> > and the server sends a FIN.
> >
> > Here is an excerpt of the log Cisco sent with the internal & external IP
> > addresses changed:
> >
> >
> > 302013: Built inbound TCP connection 1543 for outside:218.54.27.20/3382
> > (218.54.27.20/3382) to inside:X.X.X.X/25 (67.95.237.52/25)
> >
> > 302014: Teardown TCP connection 1543 for outside:218.54.27.20/3382 to
> > inside:X.X.X.X/25 duration 0:00:00 bytes 0 TCP FINs
> >
> > 111009: User 'enable_15' executed cmd: show logging
> >
> > 302015: Built outbound UDP connection 1544 for outside:209.116.241.10/53
> > (209.116.241.10/53) to inside:X.X.X.X/31232 (67.95.237.52/31232)
> >
> > 302016: Teardown UDP connection 1544 for outside:209.116.241.10/53 to
> > inside:X.X.X.X/31232 duration 0:00:01 bytes 183
> >
> > 302015: Built outbound UDP connection 1545 for outside:209.116.241.10/53
> > (209.116.241.10/53) to inside:X.X.X.X/31233 (67.95.237.52/31233)
> >
> > 302016: Teardown UDP connection 1545 for outside:209.116.241.10/53 to
> > inside:X.X.X.X/31233 duration 0:00:01 bytes 202
> >
> > 302015: Built outbound UDP connection 1546 for outside:209.116.241.10/53
> > (209.116.241.10/53) to inside:X.X.X.X/31234 (67.95.237.52/31234)
> >
> > 302016: Teardown UDP connection 1546 for outside:209.116.241.10/53 to
> > inside:X.X.X.X/31234 duration 0:00:01 bytes 186
> >
> >
> >
> > Any Ideas why Exchange will accept email through the Netscreen Firewall
> and
> > Not the Cisco Pix?
> >
> >
> >
> > TIA
> >
> > DDS
> >
> >
> >
> >
> >
> >
>
>
- Next message: Denis McDowell [MSFT]: "Re: Exchange and Firewall"
- Previous message: Don: "RE: Exchange via HTTP on the Internet"
- In reply to: Denis McDowell [MSFT]: "Re: Exchange and Firewall"
- Next in thread: Denis McDowell [MSFT]: "Re: Exchange and Firewall"
- Reply: Denis McDowell [MSFT]: "Re: Exchange and Firewall"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
