not able to receive mail through pix 506e firewall

Discussion in 'Cisco' started by hemanttandel@gmail.com, Mar 13, 2007.

  1. Guest

    Hi
    I have pix 506e firewall, D-link ADSL dsl-502t and my IBM xseries 236
    server.
    I have fix static live ip 59.181.103.220 which i have got from ISP.
    loyalindia.co.in is my domain,
    The MX record for it is mail.loyalindia.co.in which points to
    59.181.103.220

    My problem is i am not able to send mails ( with my mail server,
    Exchange server,loyalindia.co.in) through pix 506e but i am receiving
    mails from any server.

    I have tried with (ADSL) natting and without natting but the problem
    is same.
    If i am removing the pix 506e and directly connecting the server to
    adsl i am able to receive and send mails properly


    My network design is as fallows:-
    ADSL (WAN) 59.181.103.220
    ADSL (LAN)59.181.103.221
    Pix 506e (out) 59.181.103.222
    Pix 506e (in) 192.168.1.1.
    My domain mail server loyalindia.co.in (Exchange server) ip
    192.168.1.2

    My config as fallows:-
    PIX Version 6.3(5)
    interface ethernet0 auto
    interface ethernet1 auto
    nameif ethernet0 outside security0
    nameif ethernet1 inside security100
    enable password oH2xz4N6pxtBHe8N encrypted
    passwd.2KYencrypted
    hostname loyal
    domain-name loyalfire.com
    fixup protocol dns maximum-length 512
    fixup protocol ftp 21
    fixup protocol h323 h225 1720
    fixup protocol h323 ras 1718-1719
    fixup protocol http 80
    fixup protocol rsh 514
    fixup protocol rtsp 554
    fixup protocol sip 5060
    fixup protocol sip udp 5060
    fixup protocol skinny 2000
    no fixup protocol smtp 25
    fixup protocol sqlnet 1521
    fixup protocol tftp 69
    names
    name 59.181.103.221 adsl
    name 192.168.1.2 mail
    access-list smtp_in permit tcp any interface outside eq smtp
    access-list smtp_in permit tcp any host 59.181.103.222 eq smtp
    access-list out_in permit tcp any interface outside eq smtp
    pager lines 24
    mtu outside 1500
    mtu inside 1500
    ip address outside 59.181.103.222 255.255.255.0
    ip address inside 192.168.1.1 255.255.255.0
    ip audit info action alarm
    ip audit attack action alarm
    pdm location mail 255.255.255.255 inside
    pdm location adsl 255.255.255.255 outside
    pdm history enable
    arp timeout 14400
    global (outside) 1 interface
    nat (inside) 1 0.0.0.0 0.0.0.0 0 0
    static (inside,outside) tcp interface smtp mail smtp netmask
    255.255.255.255 0 0

    access-group out_in in interface outside
    route outside 0.0.0.0 0.0.0.0 adsl 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225
    1:00:00
    timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
    timeout sip-disconnect 0:02:00 sip-invite 0:03:00
    timeout uauth 0:05:00 absolute
    aaa-server TACACS+ protocol tacacs+
    aaa-server TACACS+ max-failed-attempts 3
    aaa-server TACACS+ deadtime 10
    aaa-server RADIUS protocol radius
    aaa-server RADIUS max-failed-attempts 3
    aaa-server RADIUS deadtime 10
    aaa-server LOCAL protocol local
    http server enable
    http mail 255.255.255.255 inside
    no snmp-server location
    no snmp-server contact
    snmp-server community public
    no snmp-server enable traps
    floodguard enable
    telnet timeout 5
    ssh timeout 5
    console timeout 0
    terminal width 80
    Cryptochecksum:496f7c38801fe5cffecbc0ba6381a49d
    : end
    can anyone support me?
     
    , Mar 13, 2007
    #1
    1. Advertising

  2. Smokey Guest

    wrote:
    > Hi
    > I have pix 506e firewall, D-link ADSL dsl-502t and my IBM xseries 236
    > server.
    > I have fix static live ip 59.181.103.220 which i have got from ISP.
    > loyalindia.co.in is my domain,
    > The MX record for it is mail.loyalindia.co.in which points to
    > 59.181.103.220
    >
    > My problem is i am not able to send mails ( with my mail server,
    > Exchange server,loyalindia.co.in) through pix 506e but i am receiving
    > mails from any server.
    >
    > I have tried with (ADSL) natting and without natting but the problem
    > is same.
    > If i am removing the pix 506e and directly connecting the server to
    > adsl i am able to receive and send mails properly


    Posting the message again is not going to change the answer,

    You have stated that your MX/A record for the mail server is .220 but
    your PIX config is for .222 change your A record to reflect .222 not .220
     
    Smokey, Mar 13, 2007
    #2
    1. Advertising

  3. Guest

    On Mar 13, 6:52 pm, Smokey <> wrote:
    > wrote:
    > > Hi
    > > I have pix 506e firewall, D-link ADSL dsl-502t and my IBM xseries 236
    > > server.
    > > I have fix static live ip 59.181.103.220 which i have got from ISP.
    > > loyalindia.co.in is my domain,
    > > The MX record for it is mail.loyalindia.co.in which points to
    > > 59.181.103.220

    >
    > > My problem is i am not able to send mails ( with my mail server,
    > > Exchange server,loyalindia.co.in) through pix 506e but i am receiving
    > > mails from any server.

    >
    > > I have tried with (ADSL) natting and without natting but the problem
    > > is same.
    > > If i am removing the pix 506e and directly connecting the server to
    > > adsl i am able to receive and send mails properly

    >
    > Posting the message again is not going to change the answer,
    >
    > You have stated that your MX/A record for the mail server is .220 but
    > your PIX config is for .222 change your A record to reflect .222 not .220- Hide quoted text -
    >
    > - Show quoted text -


    Hi
    If this ip 59.181.103.222 is not live, it will work?.
    Because i had already done that but it was not sending and receiving
    mails.
    The other network design i have made was as fallows:-
    (59.181.111.159 is new fix static ip but it is not live)
    The MX/A record for it is mail.loyalindia.co.in which points to
    59.181.111.159

    ADSL (WAN) 59.181.103.220
    ADSL (LAN)59.181.111.158
    Pix 506e (out) 59.181.111.159
    Pix 506e (in) 192.168.1.1.
    My domain mail server loyalindia.co.in (Exchange server) ip
    192.168.1.2
    This network did not solved my problem.

    According to you my config is ok but i have to change the MX/A record
    ip to 59.181.103.222 (pix out ip) instead of 59.181.103.220 and it
    will solved my problem. Ok i will try this. Any other way to solved
    problem.
    waiting for the reply.
    Bye
     
    , Mar 14, 2007
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Bruce Baker

    Not able to receive registration # from Ebay

    Bruce Baker, Sep 5, 2003, in forum: Computer Support
    Replies:
    0
    Views:
    387
    Bruce Baker
    Sep 5, 2003
  2. gangle
    Replies:
    10
    Views:
    784
  3. Mel
    Replies:
    3
    Views:
    455
  4. Replies:
    1
    Views:
    388
    Smokey
    Mar 13, 2007
  5. harrison

    ICMP can not pass through PIX 506E

    harrison, Jun 7, 2009, in forum: Cisco
    Replies:
    0
    Views:
    1,398
    harrison
    Jun 7, 2009
Loading...

Share This Page