Cisco 2801 with Firewall and NAT

By tsteh ·

I have installed a Cisco 2801 with firewall feature into my customer network. 2801 with 2 LAN interface. First FE0/0 connected to the internal LAN with IP and FE0/1 connected to the SDSL with static IP ( The firewall rules is Any-Any allow.

Before the deployment of Cisco 2801, the customer with wireless router can send mail to their mail server at external with port 25. But, after the Cisco 2801 deployment, the customer was unable to send mail via port 25. We have verify with the ISP, they only block port 25 from dynamic IP and not static IP. However, if we send mail via other port is ok.

Anyone can advise where went wrong.


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

I would

by william.bondy In reply to Cisco 2801 with Firewall ...

I would double check your rules on that box, wasn't there a place to forward port 25 to mail server? I haven't had a chance to look at the 2800 yet. Is the Mail server out side or inside? Turn the feature off and test it, to nail down to see if it is the Firewall Features, I am guess you already did that

Collapse -

Problem resolved

by tsteh In reply to I would


Thanks for your reply. I guess I'm managed to resolve the problem but has not found the root cause. To answer your question, the mail server is located at external.

At first, I restore to factory default. Follow the SDM wizard for simple routing and NAT without firewall function. I managed to send mail out on port 25.

However, when I enable the firewall function with Low Security Profile. I was unable to send mail out on port 25. As such, I edit the predefined rules and remove the customized service group by Cisco. I manually add the services that wanted. After test it and works.

I have yet to identified the root cause why the customized service group will cause the mail can't send out on port 25. Maybe you have any suggestion?

Related Discussions

Related Forums