SMTP server behind firewall on the Lan

Gotta80 · June 12, 2014, 1:46am

Hi,
I’ve a deployment with a couple of 580 in HA, configured in bridge mode.
On the LAN there’s a Cisco ASA firewall with a DMZ where there’s a SMTP server.

The DMZ has a dedicated subnet, different from the Peplink one, so to make it reachable from Internet I’ve defined a static route with the ASA outside interface as gateway.
All is working well, from the Internet the DMZ is reachable and mail is delivered.

The problem is when I try to connect to the SMTP from the Peplink to send notifications. I could not manage to reach it.

I tried with a Ping from the Peplink to the SMTP Server address:
If I test from WAN1, I got a redirect from the Internet router and no more.
If I test from LAN, I got no response.
On the ASA log there’s no trace of packets from the Peplink.

Does the peplink use the Static Routes from his own traffic?

thanks
Marco

Ron_Case · June 12, 2014, 3:18am

The Balance should be able to send email notifications from the LAN to get to this DMZ network. It will consider the static route as a local LAN network for routing its own traffic. Does a traceroute from the Peplink LAN take you to the outside interface of the ASA?

Gotta80 · June 13, 2014, 12:00am

Hi.
I tried a Traceroute from the Balance LAN to the DMZ IP while doing a Network Capture on the Balance, and I cannot find evidence of traceroute traffic in the LAN interface dump.

Ron_Case · June 13, 2014, 7:56am

Please open up a support ticket with us here so we can investigate the issue.