Firewall Wizards mailing list archives
RE: (no subject)
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Tue, 15 Jan 2002 12:05:34 -0500 (EST)
Are you trying to access mail.hotmail.com for the e-mails? Certainly looks, like others I think suggested that outlook is setup with merely 'mail' as the connection you are trying to make, that's incorrect, try mail.hotmail.com, this might fix part of the problem. Of course, the Secure(SSL): No, Socket Error: 11001, Error Number: 0x800CCC0D.... part suggests there might well be another issue, as pop3 does not do SSL, so, this is confusing on this end still... Thanks, Ron DuFresne On Mon, 14 Jan 2002, Terry Bertrand wrote:
I am using NAT (overload)and it works fine for everything else, I am able to browse the inetrnet and all. This was just a partial access-list that I mentioned, I also have the established acl included already. I did include the "access-list xxx deny ip any any log", but nothing shows up in the console router log as being denied when I try to read mail from outlook express... partial list access-list 105 permit tcp any any eq 110 log (in) access-list 106 permit tcp any any eq 25 log (out) here is the error I get from outlook express.... .....The host 'mail' could not be found. Please verify that you have entered the server name correctly. Account: 'mail', Server: 'mail', Protocol: POP3, Port: 110, Secure(SSL): No, Socket Error: 11001, Error Number: 0x800CCC0D.... ThanksFrom: "Deane, James" <jdeane () chx com> To: 'Terry Bertrand' <tfbsr () hotmail com>, firewall-wizards () nfr com Subject: RE: [fw-wiz] (no subject) Date: Mon, 14 Jan 2002 08:35:56 -0600 Terry, You mention that the router is running NAT, but the ACLs you list are for permitting/denying traffic to/from an interface. So, does it work if the router is introduced with NAT, but no ACLs applied? (i.e. do you know if it is NAT or the ACLs that is getting in your way?) You could try adding this line to access-list 105: access-list 105 permit tcp any any established This will allow replies to your connection request back in (ummm, as well as anything else with the ack bit set) however, this is often necessary since your PC will use some arbitrary high port to connect to the mail server. Also, try adding the "log" keyword to each of your ACL lines and add a line that says "access-list xxx deny ip any any log" to the end of each ACL. That way, you can see what traffic is being permitted/denied by each ACL in the router's log. HTH, Jim -----Original Message----- From: Terry Bertrand [mailto:tfbsr () hotmail com] Sent: Saturday, January 12, 2002 4:21 PM To: firewall-wizards () nfr com Subject: [fw-wiz] (no subject) I am running a cable network at home which includes a cisco router. I am able to access email from my cable provider using outlook express without the router. When I include the router which is running NAT as part of the network I am unable to access mail using outlook. Does anyone have any idea as to what sort of access-list I would neet to access mail. I have tried the following. the configuration of outlook express is out mail port 25 in mail port 110 access-list 105 permit tcp any any eq smtp (in) access-list 106 permit tcp any any eq smtp (out) Thanks for your time Terry _________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizardsTerry _________________________________________________________________ Send and receive Hotmail on your mobile device: http://mobile.msn.com _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart
testing, only testing, and damn good at it too!
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: (no subject), (continued)
- Re: (no subject) Paul D. Robertson (Jan 13)
- Re: (no subject) Joseph S D Yao (Jan 14)
- Re: (no subject) R. DuFresne (Jan 15)
- Re: (no subject) Luca Berra (Jan 15)
- RE: (no subject) Deane, James (Jan 15)
- Re: (no subject) Terry Bertrand (Jan 15)
- Re: (no subject) Joseph S D Yao (Jan 15)
- RE: (no subject) Terry Bertrand (Jan 15)
- RE: (no subject) Don Kendrick (Jan 16)
- RE: (no subject) Paul D. Robertson (Jan 16)
- RE: (no subject) R. DuFresne (Jan 16)
- Re: (no subject) Terry Bertrand (Jan 15)
- Re: (no subject) Terry Bertrand (Jan 15)
- Re: (no subject) Joseph S D Yao (Jan 15)
- RE: (no subject) Greg Hastings (Jan 16)
- RE: (no subject) Terry Bertrand (Jan 16)
- Re: (no subject) Gregory Hicks (Jan 16)