Has anyone successfully gotten Lotus Notes 6.5 to send and receive through a PIX firewall via smtp? I have a static statement for my Notes server with public and private IP addresses plus an acl for every port Notes needs open. However, the Windows 2003 server can’t browse the web and the Lotus Notes server running on it cannot send or receive smtp mail even with “no fixup smtp” setting.
Protocol analysis shows a lot of reset 22, ack o, etc. output but I am not well versed with Ethereal.
Subject: PIX and Lotus Notes 6.5.3
Working fine here.
DNS?
What is the default name server?
Subject: RE: PIX and Lotus Notes 6.5.3
Would you mind sending me your static and acl statements and just indicate public vs private instead of the ip addresses?
The default name server is an internal unix server on our lan. When I reverse the static statement to private public instead of Cisco’s public private, the Notes server can get out and send internet mail but still cannot receive internet mail.
Subject: RE: PIX and Lotus Notes 6.5.3
access-list 100 permit tcp any host public eq smtp (bound to outside interface)
access-list 101 permit tcp host private any eq smtp (bound to dmz1 where mail host is located)
static (dmz1,outside) public private netmask 255.255.255.255 0 0
This works for us…
Subject: RE: PIX and Lotus Notes 6.5.3
I watched smtp traffic on the Notes server last night when I brought the pix up. Internet messages were received for about 15 minutes but then the server displayed “not responding”. And the Notes server could not ping the pix or get out the pix. Is this fragmentation? What mtu should I use?
Subject: RE: PIX and Lotus Notes 6.5.3
This turns out to be an arp table problem at our ISP. I asked them to clear their arp table and that fixed everything.