Home page logo
/

firewall-wizards logo Firewall Wizards mailing list archives

Re: Exchange Server 2000 and Cisco Pix
From: Brian Ford <brford () cisco com>
Date: Thu, 24 May 2001 02:28:43 -0400

Chris,

Just another example of a firewall trying to be an application level filter.

Look in the Syslog files for your PIX ad check if you see any that look like this:

%PIX-2-108001: SMTP made noop: out chars in chars data: chars

This is a PIX Mail Guard (SMTP) message (syntax is fixup protocol smtp). This message is logged if the PIX makes a no-op of an unsupported SMTP commands (the supported commands are HELO, MAIL, RCPT, DATA, RSET, NOOP, and QUIT) as per RFC 821, and reports the offending command.

Exchange Server may be issuing SMTP commands that PIX doesn't like or trying to use ESMTP (eHlo). If so, you'll need to turn off MailGuard ("no fixup protocol smtp") or re-configure your Exchange Server.

Regards from Shanghai China,

Brian

At 12:01 PM 5/23/2001 -0400, you wrote:
Date: Mon, 21 May 2001 09:54:39 -0700 (PDT)
From: Christoph Puetz <puetzc () yahoo com>
Reply-To: puetz () mho net
To: firewall-wizards () nfr com
Subject: [fw-wiz] Exchange Server 2000 and Cisco Pix

Hello wizards,

I have a newly installed Exchange Server 2000 behind
my Pix and did receive an error from a mail client
when trying to connect to the Exchange server.
Microsoft refers to Cisco without really being
specific - at least I could not find the solution at
Cisco's web page. Anyone here knows what I have to do?

Here's MS solution (Article ID: Q295164) for the
problem:

"RESOLUTION
To resolve this issue, disable SMTP inspection on the
firewall. If you do not know the command to disable
SMTP inspection, contact Cisco."

Is this the fixup command I have to use and disable
smtp?

Thanks for your help in advance!

C.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]