Re: [j-nsp] IPSEC VPN tunnel is not accepting only SMTP traffic
Hi, On Fri, Jul 2, 2010 at 11:27 PM, Fahad Khan wrote: > > I am facing an issue regarding an IPSEC tunnel between ISG1000 and Cisco > box, The VPN is up, all traffic is going through it but only SMTP traffic is > some how not being flowing through the tunnel, no SMTP connection is being > made with mail server. There are so many variables and you've provided such little detail (again) that it's going to be difficult for people to help you. Things that are missing from your post: - Details of the 'Cisco box' - Details of the IPSec tunnel configuration on the peers - Details of the network infrastructure between the peers and between the endpoints - Software revisions running on the relevant nodes - How you have verified that the tunnel is 'up' - How you have verified that non-SMTP traffic is flowing - How you have verified that SMTP traffic is not flowing - What troubleshooting (if any) you've already done Cheers, Dale ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] IPSEC VPN tunnel is not accepting only SMTP traffic
Yes, I tried disabling it. but did not work :( regards, Muhammad Fahad Khan JNCIP - M/T # 834 IT Specialist Global Technology Services, IBM fa...@pk.ibm.com +92-321-2370510 +92-301-8247638 Skype: fahad-ibm http://www.linkedin.com/in/muhammadfahadkhan On Fri, Jul 2, 2010 at 6:45 PM, Farrukh Haroon wrote: > Is this an ASA Firewall? > > Try turning off ESMTP fixup on the ASA side. > > Regards > > Farrukh > > On Fri, Jul 2, 2010 at 4:27 PM, Fahad Khan wrote: > >> Hi Folks, >> >> I am facing an issue regarding an IPSEC tunnel between ISG1000 and Cisco >> box, The VPN is up, all traffic is going through it but only SMTP traffic >> is >> some how not being flowing through the tunnel, no SMTP connection is being >> made with mail server. >> >> Can any one comment on it? >> >> regards, >> >> Muhammad Fahad Khan >> JNCIP - M/T # 834 >> IT Specialist >> Global Technology Services, IBM >> fa...@pk.ibm.com >> +92-321-2370510 >> +92-301-8247638 >> Skype: fahad-ibm >> http://www.linkedin.com/in/muhammadfahadkhan >> ___ >> juniper-nsp mailing list juniper-nsp@puck.nether.net >> https://puck.nether.net/mailman/listinfo/juniper-nsp >> > > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] MAC Sticky on EX
On 1 Jul 2010, at 14:27, Fahad Khan wrote: > Dear Folks, > > Do we have any option like" MAC Sticky " in EX series as we have in IOS for > in port security??/ > > I think we can only limit the number of MAC or we can bind static MAC > addresses. This is my understanding too, I achieve the mac limit with "ethernet-switching-options secure-access-port interface blah mac-limit 1 action shutdown". A mac acl can be used as you describe too. Ideally, I would like this mac-limit feature for trunk ports too. Andy ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] IPSEC VPN tunnel is not accepting only SMTP traffic
Is this an ASA Firewall? Try turning off ESMTP fixup on the ASA side. Regards Farrukh On Fri, Jul 2, 2010 at 4:27 PM, Fahad Khan wrote: > Hi Folks, > > I am facing an issue regarding an IPSEC tunnel between ISG1000 and Cisco > box, The VPN is up, all traffic is going through it but only SMTP traffic > is > some how not being flowing through the tunnel, no SMTP connection is being > made with mail server. > > Can any one comment on it? > > regards, > > Muhammad Fahad Khan > JNCIP - M/T # 834 > IT Specialist > Global Technology Services, IBM > fa...@pk.ibm.com > +92-321-2370510 > +92-301-8247638 > Skype: fahad-ibm > http://www.linkedin.com/in/muhammadfahadkhan > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] IPSEC VPN tunnel is not accepting only SMTP traffic
Hi Folks, I am facing an issue regarding an IPSEC tunnel between ISG1000 and Cisco box, The VPN is up, all traffic is going through it but only SMTP traffic is some how not being flowing through the tunnel, no SMTP connection is being made with mail server. Can any one comment on it? regards, Muhammad Fahad Khan JNCIP - M/T # 834 IT Specialist Global Technology Services, IBM fa...@pk.ibm.com +92-321-2370510 +92-301-8247638 Skype: fahad-ibm http://www.linkedin.com/in/muhammadfahadkhan ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] Force ports with only RX connected to UP
Hi.
We have a bunch of fiber taps that we want to aggregate in a Juniper
EX4200 (24 SFP) before sending it to our network analyzer.
What we thought we would do is connect all the taps to port 0 to X and
then mirror the traffic from them to port 23.
Problem: We don't get link up when we only connect to RX. It seems the
switch really really wants to talk to someone on the other end.
We have disabled autoneg, set full duplex 1G, and even turned off flow
control but the ports are still down. We have also reduced the problem
to connecting two ports directly.
When the ports are fully connected they come up. Pull just one fiber
and both ports go down.
We have tried turning off lldp, stp, rstp and mstp globally on the
switch, as well as setting half duplex.
Both ports are configured thus:
root# show interfaces ge-0/0/12
ether-options {
no-auto-negotiation;
no-flow-control;
link-mode full-duplex;
speed {
1g;
}
}
unit 0 {
family ethernet-switching;
}
How do we get these ports up and receiving?
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
