Announcement

Collapse
No announcement yet.

No Connection allowed SMTP via different subnet

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • No Connection allowed SMTP via different subnet

    I am having a strange issue (at least I think it is)

    Exchange Server 2003 SP2...SMTP Virt Server has connection and relay restrictions...only specific IPs on our network have access. one of the IPs is on a different subnet.

    The problem: the server with IP on the different subnet from the Exchange server is unable to connect to the Exchange server over 25. when I attempt to connect via telnet (telnet ipaddress 25), there is nothing returned ('blank' window) and eventually the cmd window goes back to default directory (telnet times out I guess???). This behavior is not exhibited on servers with IPs in the list that are on the same subnet.

    However, when I change the connection and relay settings on the SMTP virt server to allow all except the list below (making no entries in the list), I am able to telnet to the exchange server over 25 from the servers on the different subnet.

    Has anyone ever seen this type of behavior? advice/suggestions?

    Thanks in advance!
    -John

  • #2
    Re: No Connection allowed SMTP via different subnet

    My guess is that you're putting the internal address in the allowed scope but the connection is coming from a NAT'ed address (or vice versa).

    Comment


    • #3
      Re: No Connection allowed SMTP via different subnet

      thanks for the reply joeqwerty!

      I just confirmed with the network guys that nothing from that subnet is being NAT'd. For clarification, that network is our DMZ and the subnet the exchange server is on is our 'admin' internal network.

      Comment


      • #4
        Re: No Connection allowed SMTP via different subnet

        The easiest way to figure this out would probably be to run a packet capture program on the Exchange server, start a capture, telnet from the other server to port 23 (or any other port except port 25, to make the traffic easier to find in the capture. I know it won't connect but you should be able to see the connection attempt. If you telnet to port 25, you'll have to sift through all of the other traffic to port 25 which will make it harder to find), stop the capture, and look for the traffic going to port 23 then identify the ip address it's coming from.

        Comment


        • #5
          Re: No Connection allowed SMTP via different subnet

          i will try that...however, don't you find it kind of odd that there are no connection issues when the SMTP virt serv is set to allow all connections? if it were a NATing issue or network issue, i would think no connection would happen regardless of what the SMTP virt serv settings are, no? does that make sense?

          Comment


          • #6
            Re: No Connection allowed SMTP via different subnet

            Allowing any connection makes me think the the "client" server is connecting to the Exchange server on a different ip address than the one you think and had originally defined in the connection scope.

            Allowing any connections is just what it says, it allows a connection from any ip address. When you set it to this, it works.

            When you set it to allow connections from the ip address of your other server, it doesn't work, which makes me think the other server is connecting to it from an ip address other than the one you think it is connecting from.

            Comment


            • #7
              Re: No Connection allowed SMTP via different subnet

              so further inspection (via wireshark) revealed the packet was being seen as sent by the firewall interface...the network guys checked it out and saw that a little bit of hide NAT was going on...problem solved

              thanks joeqwerty!

              Comment


              • #8
                Re: No Connection allowed SMTP via different subnet

                Glad to help.

                Comment

                Working...
                X