Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > not able to receive mail through pix 506e firewall

Reply
Thread Tools

not able to receive mail through pix 506e firewall

 
 
hemanttandel@gmail.com
Guest
Posts: n/a
 
      03-13-2007
Hi
I have pix 506e firewall, D-link ADSL dsl-502t and my IBM xseries 236
server.
I have fix static live ip 59.181.103.220 which i have got from ISP.
loyalindia.co.in is my domain,
The MX record for it is mail.loyalindia.co.in which points to
59.181.103.220

My problem is i am not able to send mails ( with my mail server,
Exchange server,loyalindia.co.in) through pix 506e but i am receiving
mails from any server.

I have tried with (ADSL) natting and without natting but the problem
is same.
If i am removing the pix 506e and directly connecting the server to
adsl i am able to receive and send mails properly


My network design is as fallows:-
ADSL (WAN) 59.181.103.220
ADSL (LAN)59.181.103.221
Pix 506e (out) 59.181.103.222
Pix 506e (in) 192.168.1.1.
My domain mail server loyalindia.co.in (Exchange server) ip
192.168.1.2

My config as fallows:-
PIX Version 6.3(5)
interface ethernet0 auto
interface ethernet1 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password oH2xz4N6pxtBHe8N encrypted
passwd.2KYencrypted
hostname loyal
domain-name loyalfire.com
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
no fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
name 59.181.103.221 adsl
name 192.168.1.2 mail
access-list smtp_in permit tcp any interface outside eq smtp
access-list smtp_in permit tcp any host 59.181.103.222 eq smtp
access-list out_in permit tcp any interface outside eq smtp
pager lines 24
mtu outside 1500
mtu inside 1500
ip address outside 59.181.103.222 255.255.255.0
ip address inside 192.168.1.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm location mail 255.255.255.255 inside
pdm location adsl 255.255.255.255 outside
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
static (inside,outside) tcp interface smtp mail smtp netmask
255.255.255.255 0 0

access-group out_in in interface outside
route outside 0.0.0.0 0.0.0.0 adsl 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225
1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout sip-disconnect 0:02:00 sip-invite 0:03:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
http server enable
http mail 255.255.255.255 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
telnet timeout 5
ssh timeout 5
console timeout 0
terminal width 80
Cryptochecksum:496f7c38801fe5cffecbc0ba6381a49d
: end
can anyone support me?

 
Reply With Quote
 
 
 
 
Smokey
Guest
Posts: n/a
 
      03-13-2007
http://www.velocityreviews.com/forums/(E-Mail Removed) wrote:
> Hi
> I have pix 506e firewall, D-link ADSL dsl-502t and my IBM xseries 236
> server.
> I have fix static live ip 59.181.103.220 which i have got from ISP.
> loyalindia.co.in is my domain,
> The MX record for it is mail.loyalindia.co.in which points to
> 59.181.103.220
>
> My problem is i am not able to send mails ( with my mail server,
> Exchange server,loyalindia.co.in) through pix 506e but i am receiving
> mails from any server.
>
> I have tried with (ADSL) natting and without natting but the problem
> is same.
> If i am removing the pix 506e and directly connecting the server to
> adsl i am able to receive and send mails properly


Posting the message again is not going to change the answer,

You have stated that your MX/A record for the mail server is .220 but
your PIX config is for .222 change your A record to reflect .222 not .220
 
Reply With Quote
 
 
 
 
hemanttandel@gmail.com
Guest
Posts: n/a
 
      03-14-2007
On Mar 13, 6:52 pm, Smokey <(E-Mail Removed)> wrote:
> (E-Mail Removed) wrote:
> > Hi
> > I have pix 506e firewall, D-link ADSL dsl-502t and my IBM xseries 236
> > server.
> > I have fix static live ip 59.181.103.220 which i have got from ISP.
> > loyalindia.co.in is my domain,
> > The MX record for it is mail.loyalindia.co.in which points to
> > 59.181.103.220

>
> > My problem is i am not able to send mails ( with my mail server,
> > Exchange server,loyalindia.co.in) through pix 506e but i am receiving
> > mails from any server.

>
> > I have tried with (ADSL) natting and without natting but the problem
> > is same.
> > If i am removing the pix 506e and directly connecting the server to
> > adsl i am able to receive and send mails properly

>
> Posting the message again is not going to change the answer,
>
> You have stated that your MX/A record for the mail server is .220 but
> your PIX config is for .222 change your A record to reflect .222 not .220- Hide quoted text -
>
> - Show quoted text -


Hi
If this ip 59.181.103.222 is not live, it will work?.
Because i had already done that but it was not sending and receiving
mails.
The other network design i have made was as fallows:-
(59.181.111.159 is new fix static ip but it is not live)
The MX/A record for it is mail.loyalindia.co.in which points to
59.181.111.159

ADSL (WAN) 59.181.103.220
ADSL (LAN)59.181.111.158
Pix 506e (out) 59.181.111.159
Pix 506e (in) 192.168.1.1.
My domain mail server loyalindia.co.in (Exchange server) ip
192.168.1.2
This network did not solved my problem.

According to you my config is ok but i have to change the MX/A record
ip to 59.181.103.222 (pix out ip) instead of 59.181.103.220 and it
will solved my problem. Ok i will try this. Any other way to solved
problem.
waiting for the reply.
Bye

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Not able to display color in excel not able to display color in excel using xml sed_y XML 0 02-15-2012 09:46 PM
ICMP can not pass through PIX 506E harrison Cisco 0 06-07-2009 05:10 AM
Not able to send mails through pix 506e hemanttandel@gmail.com Cisco 1 03-13-2007 12:58 PM
Upgrading Firewall Version and PDM on PIX 506E (newbie user) jaisol Cisco 1 05-05-2005 02:33 AM
PIX 506e FireWall and Cisco VPNClient 4.6 toureg69@yahoo.com Cisco 3 04-05-2005 11:23 AM



Advertisments