I have a 2621 with IOS IP/FW that I'm unable to connect through to the inside SMTP server. I can connect to that same server using POP3 with no errors. The inside device is a static NAT. The port appears open when I port scan the IP address but I get TCP errors when trying to send mail.
Any ideas? Did I miss something stupid? Is the fact that I have multiple "nat inside" interfaces relevant is this situation? (I've never known it to make a difference) Relevant config: ip inspect name firewall http ip inspect name firewall ftp ip inspect name firewall netshow ip inspect name firewall realaudio ip inspect name firewall rtsp ip inspect name firewall smtp ip inspect name firewall tcp ip inspect name firewall udp interface FastEthernet0/0 ip address 10.1.0.1 255.255.255.0 ip nat inside speed 10 full-duplex ntp broadcast bridge-group 1 ! interface Serial0/0 ip address 10.1.12.1 255.255.255.0 ip nat inside bridge-group 1 ! interface FastEthernet0/1 ip address 12.42.189.2 255.255.255.240 ip access-group 103 in ip nat outside ip inspect firewall out duplex auto speed auto ! interface Serial0/1 ip address 10.1.13.1 255.255.255.0 ip nat inside bridge-group 1 ! router eigrp 100 redistribute static metric 384 255 255 1 1500 network 10.0.0.0 auto-summary no eigrp log-neighbor-changes ! ip nat inside source list 18 interface FastEthernet0/1 overload ip nat inside source static 10.1.0.4 12.42.189.4 ip classless ip route 0.0.0.0 0.0.0.0 12.42.189.1 ! logging history debugging logging 10.1.0.3 access-list 18 permit 10.1.0.0 0.0.255.255 access-list 101 permit tcp any any ack access-list 101 permit udp any any access-list 101 permit icmp any any access-list 103 permit tcp any host 12.42.189.4 eq smtp access-list 103 permit tcp any host 12.42.189.4 eq pop3 bridge 1 protocol ieee Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=29794&t=29794 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
