Re: Exchange Server 2000 and Cisco Pix

[Brian Ford <brford () cisco com>]

Chris,

Just another example of a firewall trying to be an application level filter.

Look in the Syslog files for your PIX ad check if you see any that look 
like this:

%PIX-2-108001: SMTP made noop: out chars in chars data: chars

This is a PIX Mail Guard (SMTP) message (syntax is fixup protocol smtp). 
This message is logged if the PIX makes a no-op of an unsupported SMTP 
commands (the supported commands are HELO, MAIL, RCPT, DATA, RSET, NOOP, 
and QUIT) as per RFC 821, and reports the offending command.

Exchange Server may be issuing SMTP commands that PIX doesn't like or 
trying to use ESMTP (eHlo).  If so, you'll need to turn off MailGuard ("no 
fixup protocol smtp") or re-configure your Exchange Server.

Regards from Shanghai China,

Brian

At 12:01 PM 5/23/2001 -0400, you wrote:
> Date: Mon, 21 May 2001 09:54:39 -0700 (PDT)
> From: Christoph Puetz <puetzc () yahoo com>
> Reply-To: puetz () mho net
> To: firewall-wizards () nfr com
> Subject: [fw-wiz] Exchange Server 2000 and Cisco Pix
>
> Hello wizards,
>
> I have a newly installed Exchange Server 2000 behind
> my Pix and did receive an error from a mail client
> when trying to connect to the Exchange server.
> Microsoft refers to Cisco without really being
> specific - at least I could not find the solution at
> Cisco's web page. Anyone here knows what I have to do?
>
> Here's MS solution (Article ID: Q295164) for the
> problem:
>
> "RESOLUTION
> To resolve this issue, disable SMTP inspection on the
> firewall. If you do not know the command to disable
> SMTP inspection, contact Cisco."
>
> Is this the fixup command I have to use and disable
> smtp?
>
> Thanks for your help in advance!
>
> C.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards