Problem with FWSM. Please help.
17 years 2 months ago #23371
by calicutbobby
Problem with FWSM. Please help. was created by calicutbobby
Hi,
We have an FWSM module in a 6513 core switch which acts as the gateway between VLANs.
We have an Exchange server (Microsoft Exchange 2003) in one VLAN and now we face a connectivity problem to this server on port 25 from other VLANs. The port is open and no restrictions are there from access-lists.
When we do a telnet to the server on port 25, we are not able to see the banner which the Exchange server returns as response and no response is obtained for the commands we type in as well. Ex: helo, mail from: mailid@domain.com, etc.
Once we telnet to the Exchange server on port 25 from a different VLAN we get the below given message:
---Output---
220 ****************************************************************************
***********************************************
--end of output---
Whereas it works perfectly within the VLAN where the server exists and we get a response to the commands which we type in. Ex: helo, mail from: mailid@domain.com, etc.
---Output---
220 servername.ourdomain.com Microsoft ESMTP MAIL Service, Version: x.y.wert.yuio ready at Tue, 2 Oct 2007 14:04:34 +0200
--End of Output---
The scenario here is, we have a lot of application servers which monitor multiple devices and these application servers send mail to the Exchange server. These application servers are in a different VLAN.
I ain't sure what exactly is blocking the return traffic. Someone please advise on this. Thanks.
17 years 2 months ago #23373
by calicutbobby
Replied by calicutbobby on topic Re: Problem with FWSM. Please help.
The issue has been resolved. The inspect engine for SMTP was blocking/dropping the packets. Thanks.
17 years 2 months ago #23380
by skepticals
Replied by skepticals on topic Re: Problem with FWSM. Please help.
I'm sorry, I should have caught that. I have heard about the SMTP inspection causing problems, but I have not been faced with that at this time.
Does the inspection only happen when traffic goes between VLANs and interfaces?
17 years 2 months ago #23381
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: Problem with FWSM. Please help.
We turn the SMTP/ESMTP Fixup/Inspect rules off on all our PIX firewalls because it just stops e-mail flow.
17 years 2 months ago #23382
by skepticals
Replied by skepticals on topic Re: Problem with FWSM. Please help.
Smurf,
Do you have a link to documentation as to the best method of disabling the inspection?
17 years 2 months ago #23383
by Smurf
Replied by Smurf on topic Re: Problem with FWSM. Please help.
No, just remove the inspect line (or fixup).
Cheers
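A check for the symptom described in this thread, as an added example that is not part of the original posts: it parses an SMTP greeting and flags one whose text has been replaced by asterisks, as in the capture taken from the other VLAN. The function names, the 0.8 threshold and the sample strings (constructed from the two outputs quoted in the first post) are assumptions.

```python
import re
import socket

REPLY_LINE = re.compile(r"^(\d{3})(?:[ -](.*))?$")

def parse_reply(raw):
    """Return (code, text) for an SMTP reply; text joins all reply lines."""
    code, parts = None, []
    for line in raw.splitlines():
        m = REPLY_LINE.match(line)
        if m:
            code = code or int(m.group(1))
            parts.append(m.group(2) or "")
        elif parts:
            # No reply code: terminal-wrapped tail of the previous line,
            # as in the capture quoted in the first post.
            parts[-1] += line
    return code, "".join(parts)

def classify_banner(raw, threshold=0.8):
    """Classify a greeting as 'masked', 'clear', 'empty' or 'not-a-greeting'."""
    code, text = parse_reply(raw)
    if code != 220:
        return "not-a-greeting"
    body = text.replace(" ", "")
    if not body:
        return "empty"
    # Threshold (an assumption) tolerates a few characters left unmasked.
    return "masked" if body.count("*") / len(body) >= threshold else "clear"

def probe(host, port=25, timeout=5.0):
    """Connect, read the complete greeting and classify it."""
    data = b""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        while True:
            chunk = sock.recv(1024)
            if not chunk:
                break
            data += chunk
            # A final reply line has a space (not '-') after the code.
            if data.endswith(b"\n") and data.splitlines()[-1][3:4] == b" ":
                break
    return classify_banner(data.decode("ascii", "replace"))

# Constructed samples rebuilt from the two outputs quoted in the thread.
MASKED = "220 " + "*" * 76 + "\n" + "*" * 47 + "\n"
CLEAR = ("220 servername.ourdomain.com Microsoft ESMTP MAIL Service, "
         "Version: x.y.wert.yuio ready at Tue, 2 Oct 2007 14:04:34 +0200\r\n")
```

Running `probe()` once from a host in the server's VLAN and once from a host behind the FWSM separates the two cases: "clear" on the first and "masked" on the second points at the inspection engine rather than an access-list.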