We recently bought some new firewalls to replace the aged Cisco PIX515e. We decided to use Cisco's new firewall flagship, the Cisco ASA devices. Everything was fine after the replacement; we transferred the configuration from the old boxes to the new ones with the help of the Cisco Security Manager.
Later that day there were complaints about e-mails not being delivered properly.
On the Cisco PIX with software 6.2 we had implemented the following:
no fixup smtp
For the ASA5510 we had to implement the following:
policy-map type inspect esmtp esmtp_pmap
 parameters
  allow-tls action log
policy-map global_policy
 class inspection_default
  no inspect esmtp
  inspect esmtp esmtp_pmap
  exit
 exit
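One way to confirm the change took effect is to compare the EHLO reply a client sees through the firewall before and after applying it. The following is an added example, not part of the original post; it assumes the inspection engine's usual rewriting (greeting banner replaced with asterisks, STARTTLS keyword overwritten with X characters), and the transcripts and host names in it are constructed samples.

```python
import re

# Constructed sample replies (not captured from a real server).
# INSPECTED mimics a session rewritten by ESMTP inspection without allow-tls.
INSPECTED = """220 ****************************
250-mail.example.test
250-SIZE 10240000
250-XXXXXXXA
250 8BITMIME"""

# CLEAN mimics the same server once STARTTLS is allowed through.
CLEAN = """220 mail.example.test ESMTP ready
250-mail.example.test
250-SIZE 10240000
250-STARTTLS
250 8BITMIME"""

REPLY = re.compile(r"^(\d{3})([ -])(.*)$")
# A run of X's with at most two trailing characters, e.g. XXXXXXXA.
# Real X-prefixed extensions such as XCLIENT or XFORWARD do not match.
MASKED = re.compile(r"X{3,}[A-Z0-9]{0,2}")


def analyze_ehlo(transcript):
    """Report banner masking, STARTTLS visibility and masked keywords."""
    banner_masked = False
    extensions, masked = [], []
    seen_domain = False
    for line in transcript.splitlines():
        m = REPLY.match(line.strip())
        if not m:
            continue
        code, _sep, text = m.groups()
        if code == "220":
            banner_masked = "*" in text and set(text) <= {"*", " "}
        elif code == "250":
            if not seen_domain:      # first 250 line is the server's domain
                seen_domain = True
                continue
            parts = text.split()
            keyword = parts[0].upper() if parts else ""
            (masked if MASKED.fullmatch(keyword) else extensions).append(keyword)
    return {"banner_masked": banner_masked,
            "starttls": "STARTTLS" in extensions,
            "masked": masked}


if __name__ == "__main__":
    for name, sample in (("inspected", INSPECTED), ("clean", CLEAN)):
        print(name, analyze_ehlo(sample))
```

Feed it the text of a manual EHLO exchange made from outside the firewall; a masked keyword and no STARTTLS means mail is still being forced to plaintext or refused by senders that require TLS.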
If you feel this helps a bit, or maybe not, please leave a comment.