
Problem with FWSM. Please help.

17 years 1 month ago #23371 by calicutbobby
Hi,

We have an FWSM module in a 6513 core switch which acts as the gateway between VLANs.


We have an Exchange server (Microsoft Exchange 2003) in one VLAN and now we face a connectivity problem to this server on port 25 from other VLANs. The port is open and there are no restrictions from access lists.


When we do a telnet to the server on port 25, we are not able to see the banner which the Exchange server returns as a response, and no responses are obtained for the commands we type in either. Ex: helo, mail from: mailid@domain.com, etc.

Once we telnet to the Exchange server on port 25 from a different VLAN, we get the message given below.

---Output---

220 ****************************************************************************

***********************************************

--end of output---

Whereas it works perfectly within the VLAN where the server exists, and we get responses to the commands which we type in. Ex: helo, mail from: mailid@domain.com, etc.


---Output---

220 servername.ourdomain.com Microsoft ESMTP MAIL Service, Version: x.y.wert.yuio ready at Tue, 2 Oct 2007 14:04:34 +0200

--End of Output---

The scenario here is that we have a lot of application servers which monitor multiple devices, and these application servers send mail to the Exchange server. These application servers are in a different VLAN.

I ain't sure what exactly is blocking the return traffic. Someone please advise on this. Thanks.
17 years 1 month ago #23373 by calicutbobby
The issue has been resolved. The inspect engine for smtp was blocking/dropping the packets. Thanks
17 years 1 month ago #23380 by skepticals
I'm sorry, I should have caught that. I have heard about the SMTP inspection causing problems, but I have not been faced with that at this time.

Does the inspection only happen when traffic goes between VLANs and interfaces?
17 years 1 month ago #23381 by Smurf
We turn the SMTP/ESMTP Fixup/Inspect rules off on all our Pix firewalls because it just stops e-mail flow.

Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
17 years 1 month ago #23382 by skepticals
Smurf,

Do you have a link to documentation as to the best method of disabling the inspection?
17 years 1 month ago #23383 by Smurf
No, just remove the inspect line (or fixup).

Cheers

Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
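
Added example, not part of the thread and not code from any poster: a small Python check that tells the asterisk-masked `220` greeting seen across VLANs apart from the server's real banner, which is the symptom that pointed to the SMTP inspect engine here. The function names and the rule that a masked banner may keep a few stray digits are assumptions of this example.

```python
import re

# One SMTP reply line: 3-digit code, '-' (more lines follow) or ' ' (final line), text.
REPLY_LINE = re.compile(r"^(\d{3})([ -])(.*)$")

def parse_reply(raw):
    """Parse one SMTP reply into (code, [text per line]); ValueError if malformed."""
    code, texts = None, []
    for line in raw.splitlines():
        if not line.strip():
            continue
        m = REPLY_LINE.match(line)
        if m is None:
            # No reply code: treat as a terminal-wrapped tail of the previous
            # line, as in the paste in the first post.
            if not texts:
                raise ValueError("reply does not start with a 3-digit code")
            texts[-1] += line.strip()
            continue
        if code is not None and m.group(1) != code:
            raise ValueError("reply code changes inside one reply")
        code = m.group(1)
        texts.append(m.group(3))
    if code is None:
        raise ValueError("empty reply")
    return code, texts

def classify_greeting(raw):
    """Return 'masked', 'clear' or 'not-a-greeting' for a server's first reply."""
    code, texts = parse_reply(raw)
    if code != "220":
        return "not-a-greeting"
    body = "".join("".join(texts).split())
    # Assumption: a masked banner is mostly '*', possibly with stray digits left in.
    if body and set(body) <= set("*0123456789") and body.count("*") * 2 > len(body):
        return "masked"
    return "clear"

# Constructed samples modelled on the two outputs quoted in the first post.
MASKED = "220 " + "*" * 76 + "\n\n" + "*" * 47 + "\n"
CLEAR = ("220 servername.ourdomain.com Microsoft ESMTP MAIL Service, "
         "Version: x.y.wert.yuio ready at Tue, 2 Oct 2007 14:04:34 +0200\r\n")

if __name__ == "__main__":
    for name, sample in (("other VLAN", MASKED), ("same VLAN", CLEAR)):
        print(name, "->", classify_greeting(sample))
```

Running the same check from a host in each VLAN shows which paths cross the inspecting firewall: only those paths return `masked`.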