Was just thrown a new client with a weird setup:
Verizon DSL
|
Westell Router/Switch (set to "bridge" mode), 192.168.1.2
|
PIX (inside: 192.168.1.1 --- outside: pppoe setroute)
|
Switch
|
Windows2k3 Server / Exchange 2003 & Client computers
Clients can browse web fine. Server can browse fine.
Server (Exchange) is receiving email, but unable to send (SMTP queues building up)
They are convinced it's the PIX. Big reason they think it's the PIX is because you can't "telnet mail.testserver.com 25"
You also can't "ping www.google.com" from the inside.
My experience with PIX devices is that they block inbound ICMP unless specifically permitted.
I have the "no fixup protocol smtp 25" configured, so I would think I *should* be able to do the telnet test to other SMTP servers.
I've tried numerous "telnet" mail servers that I know work (works from other sites). They appear to connect, but I just get a blank CMD box, no welcome text or anything. This makes me think it could be something with the PIX.
The PIX has only 1 ACL and it's very basic. SMTP, RDP, POP, etc. Only applied outbound. NO inbound ACL.
Anyone have any ideas? Please help me out if you have any ideas. In a crunch here.
Thanks!
Verizon DSL
|
Westell Router/Switch (set to "bridge" mode), 192.168.1.2
|
PIX (inside: 192.168.1.1 --- outside: pppoe setroute)
|
Switch
|
Windows2k3 Server / Exchange 2003 & Client computers
Clients can browse web fine. Server can browse fine.
Server (Exchange) is receiving email, but unable to send (SMTP queues building up)
They are convinced it's the PIX. Big reason they think it's the PIX is because you can't "telnet mail.testserver.com 25"
You also can't "ping www.google.com" from the inside.
My experience with PIX devices is that they block inbound ICMP unless specifically permitted.
I have the "no fixup protocol smtp 25" configured, so I would think I *should* be able to do the telnet test to other SMTP servers.
I've tried numerous "telnet" mail servers that I know work (works from other sites). They appear to connect, but I just get a blank CMD box, no welcome text or anything. This makes me think it could be something with the PIX.
The PIX has only 1 ACL and it's very basic. SMTP, RDP, POP, etc. Only applied outbound. NO inbound ACL.
Anyone have any ideas? Please help me out if you have any ideas. In a crunch here.
Thanks!