Cisco Firewall :: Distant Mail Server Not Working On ASA5510

Jun 15, 2011

My mail server is not in my network, it's over internet elsewhere.After installing the ASA 5510, i can not get my mails any more.

View 7 Replies


Cisco Firewall :: ASA5510 ESMTP Inspection Stopping Outbound Mail

Jun 13, 2011

I am having an issue with an ASA 5510, running 8.4(1) code, causing outbound mail to remain in the SMTP server queue (Exchange 2007). This only happens with some remote mail servers. The connection usually ends with the remote server eventually sending a TCP reset.
I've taken multiple inside and outside packet traces.Other trace's contain either X's preceding various sections of the stream content or all X's in the content. The X's only appear when inspection is enabled.
Disabling inspection is the only thing that seems to allow mail to flow. I find this curious because I'm running this same ESMTP policy on other ASA's. However, they are on 8.3 code.
Most everything I find when searching on this subject says to disable ESMTP inspection. [code]

View 4 Replies View Related

Cisco Firewall :: ASA 5510 / Add A Mail Server In The LAN And A Webmail Using Port 3000 On The Server?

Jul 24, 2011

I'am using ASA 5510 and I try to understand how PAT is working.I want to add a Mail Server in the LAN and a webmail using port 3000 on the server. ( webmail must be reachable from the WAN)This is my Configuration :actually LAN users access internet using NAT with one global IP ( 194.x.x.69) which is the ASA WAN interface.

WAN ----- ISP Router ----------     FW     ---------- LAN -------- Mail Server + Webmail
|             (25) | (3000)
I need to forward port 3000 and port 25 from outside to inside.For example, from the WAN : [URL] must be redirect toward . What is the Correct Configuration ? And what about the Inside/Outside Traffic,Is there any configuration to add ?

View 2 Replies View Related

Cisco Firewall :: ASA 8.6 Nat And Access List For Mail Server?

Oct 30, 2012

Trying to figure this all out. I'm getting untranslated hits. I posted the config I have so far.

View 7 Replies View Related

Cisco Firewall :: ASA5510 / SSH Not Working After Upgrade

Mar 2, 2011

I have an ASA5510 which was running version 8.31. SSH was working fine on version 8.31 but since i upgraded it to version 8.41 the SSH stopped working.

View 7 Replies View Related

Cisco Firewall :: ASA5510 Not Working Properly From Outside

Feb 27, 2012

I not familiar with the ASA 5510 product. I having trouble since last 24 hours and still cant find out the root cause yet. Here is my scenario, my network should be
WAN --- ASA5510 (FW) --- SERVER (
Now I face the problem, all the NAT static 1-to-1 is working OK. All my public IP can be ping from outside internet. But the problem happen when I try to telnet to port 80 on each server. I had try telnet from my PC to public IP 80, it's work fine, but failed on 80, then on 80, its work fine.
Then I do try on my colleague PC, in same network as mine, I face another case where the public IP 80 cannot be telnet, but it's ok for, then failed on 80.
FYI.. all our PC can ping to the Public IP and no packet lose.
The scenario is very weird, I cant find any other solution as had review my configuration few times.
check does my configuration is working perfectly or not.
ASA Version 8.2(5)
hostname fw-asa
enable password xxx encrypted


View 8 Replies View Related

Cisco Firewall :: ASA5510 Not Working Ok After Upgrade 8.2 / 8.3 / 8.4

Jan 15, 2012

An ASA5510 (with 1 webserver behind it, just starting to build the cluster) was functioning OK with version 8.2: I was able to log in using RDP to the server bhind it from some trusted IP's.
I updated ASDM to the latest version 6.4.7, and then the ASA-software to 8.3.2. After reloading, I could not access the server anymore. I saw that changes were made to the config. Then I updated to version 8.4.3, same results of course, and this is the config. [code]

View 11 Replies View Related

Cisco Firewall :: ASA5510 Enable Password Not Working

Oct 11, 2012

I have a problem with an ASA5510 (8.0.4) firewall in South Africa (I'm in the UK).It's a replacement firewall that I am trying to configure remotely through a serial device with an internet facing connection, but the enable password is not working.I can connect to the device OK, type 'en' and when propted for the password whatever I use (blank, cisco, Cisco etc.) I get an 'invalid password' message.

View 2 Replies View Related

Cisco Firewall :: VPN Access To ASA5510 ASDM And SSH Not Working

Aug 7, 2012

Cannot access to cisco asa5510 asdm nor ssh thru anyconnect vpn, attached is the current configuration. user authetnicaties aaa locally and has admin service-type. When vpn session is established, it lets me go thru the certificate warning and when trying to install the asdm laucher its failing. ssh access is enabled but not working. i can access both asdm and ssh from the inside network, and from a pc on that network.

View 9 Replies View Related

Cisco Firewall :: ASA5510 Working In HA Config Now Constantly Rebooting

Mar 20, 2011

I have an ASA5510 that was working in a HA config that is now constantly rebooting itself. Here is a copy of the dump of traceback messages:

Booting system, please wait...
CISCO SYSTEMSEmbedded BIOS Version 1.0(11)5 08/28/08 15:11:51.82
Low Memory: 631 KBHigh Memory: 256 MBPCI Device Table.Bus Dev Func VendID DevID Class Irq 00 00 00 8086 2578 Host Bridge 00 01 00 8086 2579 PCI-to-PCI Bridge 00 03 00 8086 257B PCI-to-PCI Bridge 00 1C 00 8086 25AE PCI-to-PCI Bridge
[Code] .........

View 1 Replies View Related

Cisco Firewall :: Can Configure ASA5510 As DHCP Server For LAN

Oct 13, 2011

I am using a fiber optic connection. I want to connect it directly to ASA5510. A WLC2504 will be connected to ASA and one Aironet AP will be deployed at first. (At this moment I am not using any Windows server but in near future I will need to deploy Windows Server 2003 in my corporate network) My questions are:
Can I configure ASA as DHCP server for my LAN?

Can I configure WLC as DHCP server for my LAN?

If we can configure both then what is the best practice from above two options? (I am new to Cisco stuff and first time user)

View 1 Replies View Related

Cisco Firewall :: ASA5510 / Accessing Exchange Server From DMZ?

Aug 16, 2011

We have a ASA5510 with a webserver in the DMZ network We now want this web server to be able to access the Exchange server in the Inside network I researched this and it seemed straight forward according the the Cisco document below:

I'm looking to do this with smtp so I added these lines to the config:
static (inside,DMZ) netmask
access-list dmz extended permit tcp host host eq smtp
The configuration line:access-group DMZ in interface DMZ Already existed in the configuration so didn't need to be re-entered.

ASA Version 8.0(4)
hostname xxxx
enable password xxxxxxxxxxxx encrypted
passwd xxxxxxxxxxxxxx encrypted


View 28 Replies View Related

Cisco Firewall :: ASA5510 Static Routes For Management Interface Not Working

Mar 30, 2011

We have several pairs of ASA5510s in failover A/P mode, some running 8.3(2) and others running 8.4(1).
e0/0 = outside
e0/1 = inside
m0/0 = management
The problem we're having is we can't get anything to route out of the management interface unless we put in a static route at least to the subnet level. For example, we want syslog traffic to exit out m0/0 to our syslog server Our 'gateway of last resort' points to the next hop out e0/0, and a second static route with a higher metric and a more distinct network space is for m0/0 as in:
route outside 1route management 10
This doesn't work, and ASDM loggin gives this error: ".....Routing failed to locate next hop for udp from NP Identity Ifc: to management:"
If I put in a more granular subnet route, or a host route of the syslog server it works, such as:
route management 10   <------------- this works
route management 10   <------------- this works too
Why won't a static route for work in this case?
We are going to have numerous hosts access and be sent messages though the management interface of these ASAs, and it would be very burdonsome to have to add a host, or even a subnet, route for every one. I've removed all static routes and tried to rely on EIGRP, but that doesn't work. I also had to put 'passive-interface management' under the EIGRP for this to work.
Here is the pertinant ASA config concerning syslog, routing, and interfaces:
interface Ethernet0/0 nameif outside security-level 0 ip address standby !interface Ethernet0/1 nameif inside security-level 100 ip address standby


View 3 Replies View Related

D-Link DCS-930L :: FTP And E-mail Suddenly Stopped Working

Nov 6, 2012

I have had a setup in which my four DCS-930Ls transfer picture every 15 minutes over a Dovado-router connected to a mobile broadband modem. This has worked perfectly until this last night. No pictures are transferred and upon using the test FTP function the status page just says "Testing ...." forever. I've also tested e-mailing picture without success.

View 2 Replies View Related

Cisco :: Dual ISP On A 5510 With Static Nat To A Mail Server?

Sep 2, 2011

Only trying to have the mail server reachable via the secondary ISP link if the primary ISP link goes out. The public MX records with priority markings should make it so any outside hosts tries the first ISP address then the second ISP address if the first is unavailable. I would be using object tracking to control the default gateway in the ASA. I'm just a bit fuzzy on the NAT with a dual ISP config on single box.It shouldn't happen but... if traffic comes in on ISP2 while ISP1 is still up (and the current default gate) that traffic should return out the ISP2 interface (using the ISP2 address and avoiding asymmetric routing) since there already an existing connection present inside the ASA. Any server initiated traffic would still use the current default gateway defined via object tracking on the ASA.

View 1 Replies View Related

Cisco WAN :: Get Mail Server On Port 443 From Internal Network

May 24, 2012

I write here to see if some kind soul can not solve my problem (which is common to seeso many people around the world). problem: I have a mail server ( configured static NAT because it is accessible byPublic IP (PPP.PPP.PPP.PPP). Everything works properly from the outside, but if I get my Mail server (on port 443) from the internal network ( there 'verse. This configuration is called Nat inside-to-inside is done by default by some SOHO routers(such as the TPLINK from 25 euros) but Cisco did not succeed. I search on the internet for 2 days without a get nowhere. PS: I have a Cisco 1801 router. (or 1941 as another router).

View 13 Replies View Related

Cisco WAN :: 887 ADSL Configuration With Static NAT For Mail Server?

Feb 8, 2012

I have configure 887 ADSL router with attached configuration. But users cant access internet properly. (Ex: yahoo and gmail mail cant access)

View 8 Replies View Related

Servers :: Reaching Mail Server Outside Router

May 28, 2012

i have a network setup like the image in the link(url) and am asking how to make the PC's behind the router to reach the mail server??,when i ping the ip of the server i get timeout.

View 1 Replies View Related

Mail Server Giving Different IP When Pinged At Different Times

Mar 14, 2012

When I'm pinging my mail server, it gave me different IP's at different times. As the mail server is actually owned by us, I would like to know if that is possible without the IP actually being changed by someone. This is really critical for me. I didn't mean to cross post so providing the URL of the other place where I posted..

If you'd like I may attach the screenshots for the same, but don't think that will server any purpose.

View 7 Replies View Related

Cisco WAN :: ASA 5510 - Mail Server Error 421 SMTP Connection Went Away

Oct 11, 2011

I've got some problem with my Mail Server since I've migrated to an ASA5510.Actually the server is in a DMZ with a private Ip ( 10.x.x.2) and it is translated to a Public IP ( 194.x.x.65).I use these configuration :

static (DMZ,LAN) 194.x.x.65 10.x.x.2 netmask static (DMZ,LAN) 194.x.x.66 10.x.x.3 netmask static (DMZ,WAN) 194.x.x.65 10.x.x.2 netmask static (DMZ,WAN) 194.x.x.66 10.x.x.3 netmask static (LAN,DMZ) netmask
Some Users received in there mailbox a system administer error message :

Object : Impossible to deliver : test Your message could not be deliver to one or more of its recipients: 421 SMTP connection went away!
When they try to re sent it some times later, message is sent without problem.

View 4 Replies View Related

Servers :: Mail Server Showing Multiple IP's When Pinged?

Mar 14, 2012

When I'm pinging my mail server, it gave me different IP's at different times. As the mail server is actually owned by us, I would like to know if that is possible without the IP actually being changed by someone.

View 8 Replies View Related

Cisco Routers :: RV042 Email Server Not Send Mail When Switch From Wan

Sep 28, 2011

Just installed a RV042 with dual wan connections. Would like to make the WAN 2 (new cable modem as well) the primary connection over WAN1 (DSL), however whenever I switch from WAN1 to WAN2 in Smark Link set up, our email server will not send mail out, even though nothing is blocking the connection.

View 0 Replies View Related

TP-Link 3G/3.75G Router :: TL-MR3420 / Fail To Connect Mail Server

Mar 10, 2013

Region : Denmark
Model : TL-MR3420
Hardware Version : V2
Firmware Version : 3.13.27 Build 121206 Rel.60215n

I have a TL-MR3420 router placed in a remote location. The internet connection is via 3G, and since the telco is shifting the IP every 24 hours, the router is configured with DDNS from This is working OK most days, but sometimes the DNS fails to update. To be able to trobleshoot it, I am trying to make my router send a mail with the logfile every hour. This function seems to be easy and out-of-the-box, but it doesn't wiork. Whenever I try to mail the log I get the error message "Fail to Connect the mail server.".

It is not possible to enter another SMTP-port, so I asume the standard port 25 (like this thread). Most ISP-mail services require SSL/TLS and/or use an alternative port, so I have made my own server. This server is visible on the Internet, and I (and others) are able to connect and send mails using smtp on port 25. But, still my remote TL-MR3420 keep saying "Fail to Connect the mail server.". I have tried nearly everything, including disabling authentication and giving the IP-address of the smtp server directly instead of the URL.

View 1 Replies View Related

Belkin Routers :: AC900 / Windows Live Mail - Server Has Unexpectedly Terminated Connection

Nov 20, 2012

I replaced a similar router from a competing company with the AC900 N900 router. I open Live Mail (IMAP) and keep it open during the day. Since switching over, when I periodically look at email on Live Mail, I frequently get a "Windows Live Mail" message saying "Your server unexpectedly terminated the connection. Possible causes for this include server problems, network problems, or a long period of inactivity." I have never received this message from either one of the previous routers - LinkSys, Netgear.

View 7 Replies View Related

Connect Two Distant Remote Site By VPN?

Jan 14, 2013

what we need to as hardeware to connect two distant remote site by VPN

View 1 Replies View Related

Cisco Firewall :: Difference ASA5510-BUN-K9 And ASA5510-Sec-Bun-K9

Jun 6, 2012

ASA 5510 have two model Bun-K9 and Sec-Bun-K9 from the datasheet find out difference Port related and Redundancy. My questions is : Have any major difference for Security service between two model ?

View 3 Replies View Related

Cisco WAN :: 1841 - Layer 2 Connection Between Distant Model?

May 21, 2012

I have two 1841's connect to the Internet via DSL;
fa0/0 --- 1841-R1 --- DSL1 ---------------------[INTERNET]--------------------- DSL1 --- 1841-R2 --- fa0/0
I am on the LAN attached to fa0/0 on R1 and I need layer 2 connectivity to a device on fa0/0 on R2. I'm not sure if this is possible with 1841's or not? I made a GRE tunnel between the two and was going to add a BVI and bridge the tunnel at each end with fa0/0 at eah end, but the 1841's don't support BVIs so I'm a bit stumped here! Would L2TP work here?
R2 is a remote router running C1841-SPSERVICESK9-M. R1 is local running C1841-ADVENTERPRISEK9-M. I can't change the remote router so if the answer is not support in C1841-SPSERVICESK9-M I won't be able to do this.

View 3 Replies View Related

Cisco Firewall :: ASA 5505 - Inbound Mail Not Coming

May 31, 2011

Last night I switched out our old Cisco pix 515 with a asa 5505.  The config is the same and internet and outgoing mail is working but no mail is coming in.  Below is a copy of my config.  Why my inbound mail is not coming in.

smtp (Barracuda email filter)pop3 (exchange server). Tried to telnet into the firewall but connection timed out.  Went to mxtool box and that also timed out while trying to connect to smtp.  Port scan from mxtool box timed out too on all ports.

[Code] ........

View 5 Replies View Related

Cantenna Connect To Distant Wifi And Broadcast To Second Location

May 6, 2012

My neighbour and i will share internet costs, we have visibility and about 200m distance. cantenna should be fine to connect us. i can connect to his WIFI with my laptop when close his house. the setup i would like,m but i'm not clear about:

a) i need an access point device to connect the cantenna to it first, then i would like to broadcast that signal via Ethernet to WIFI-N router to connect the 3 computers in my location.

b) what exact AP device should i purchase ? i already have Linksys E3200 wifi router but, so i'm not sure about the AP device or if that's what i really need to what i'm imagining.

View 1 Replies View Related

Cisco Firewall :: 5510 Needs To Send Logging Information To Mail ID

May 4, 2011

Configured ASA 5510 with CSC module and working fine.Here i likes to configure, Whenever any users from outside accessing my firewall (like VPN users) that logging information i need to send one particular mail ID.Simply, i likes to enable my fireawall to send logging information to one particular mail id.

View 10 Replies View Related

Cisco Firewall :: 5510 Send Logging Information To Mail ID

May 31, 2011

Configured ASA 5510 with CSC module and working fine.Whenever any users from outside accessing my firewall (like VPN users) that logging information i need to send one particular mail ID.
Simply, i likes to enable my fireawall to send logging information to one particular mail id.

View 1 Replies View Related

Cisco Routers :: RV042 Hardware V 1.2 Firewall Is Blocking Some Incoming Mail

Dec 4, 2011

I'm having an issue where our RV042 router is blocking some of our customers from sending us e-mails.I noticed thatCISCO has produced a newer version of the RVO42 V3.0 and has firmware version 4.x. can you upgrade the Linksys RV042 Hardware V 1.2 to the 4.x firmware? I have found a few articles and forums online about otherpeople having the same issue with the RV042 v1 randomly blocking, e-mail but no one ever has a solution to correct the issue.Some people have recommend to roll back to factory default and reconfigure the router as the config may by corrupt.

View 4 Replies View Related

Cisco Firewall :: FWSM 4.1 How To Send Mail Messages When Fail Over Occurs

Feb 16, 2012

We are using FWSM with software version 4.1(6) with failover and multi contexts.We need to generate and send mail notifications when failover occurs.

With this configuration we are receiving syslog only! [code]

View 2 Replies View Related

Copyrights 2005-15, All rights reserved