Solved: Re: Failed to connect to SMTP server - smtp Traffi...

EVSolovyev · ‎2019-03-21

Hello.

I see drops in my logs and I can't undesstend why:

In extended log I see:

Help to understand it, please.

Vincent_Bacher · ‎2019-03-21

apparently no issue at your site as there is same issue anywhere in the internet i checked

and now to something completely different

View solution in original post

Vincent_Bacher · ‎2019-03-21

Hello,

would test connectivity between gateway and destination, as per log reject reason is "failed to connect to SMTP server".
regards
Vincent

and now to something completely different

EVSolovyev · ‎2019-03-21

Hello.

I try to test connectivity and what I see? I see strange things...

[Expert@CP-INET-FW-02:0]# telnet 80.237.91.168 25
Trying 80.237.91.168...
telnet: connect to address 80.237.91.168: No route to host

[Expert@CP-INET-FW-02:0]# tracert 80.237.91.168
traceroute to 80.237.91.168 (80.237.91.168), 30 hops max, 40 byte packets
1 31.173.230.225 (31.173.230.225) 19.316 ms 19.446 ms 19.511 ms
2 37.29.105.53 (37.29.105.53) 20.677 ms 20.804 ms 20.887 ms
3 kbk06.transtelecom.net (217.150.41.218) 19.549 ms 19.703 ms 19.628 ms
4 rdn06.rdn23.transtelecom.net (217.150.60.126) 128.941 ms 129.163 ms 129.660 ms
5 rostvertol-gw.transtelecom.net (217.150.60.125) 128.187 ms 128.234 ms 128.294 ms
6 gate.rostvert.ru (80.237.91.168) 128.340 ms 127.373 ms 127.312 ms

[Expert@CP-INET-FW-02:0]# ping 80.237.91.168
PING 80.237.91.168 (80.237.91.168) 56(84) bytes of data.
64 bytes from 80.237.91.168: icmp_seq=1 ttl=59 time=127 ms
64 bytes from 80.237.91.168: icmp_seq=2 ttl=59 time=127 ms

--- 80.237.91.168 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 127.463/127.567/127.671/0.104 ms

[Expert@CP-INET-FW-02:0]# telnet 80.237.91.168
Trying 80.237.91.168...
telnet: connect to address 80.237.91.168: No route to host

[Expert@CP-INET-FW-02:0]# ip r get 80.237.91.168
80.237.91.168 via 31.173.230.225 dev eth1.3021 src 31.173.230.234
cache ipid 0x9944 mtu 1500 advmss 1460 hoplimit 64

[Expert@CP-INET-FW-02:0]# ip r | grep default
default via 31.173.230.225 dev eth1.3021 proto routed
[Expert@CP-INET-FW-02:0]#

Vincent_Bacher · ‎2019-03-21

apparently no issue at your site as there is same issue anywhere in the internet i checked

and now to something completely different

EVSolovyev · ‎2019-03-21

Thank you.

Timothy_Hall · ‎2019-03-21

The ICMP type is Destination Unreachable, but it would have been interesting to see the accompanying code as well. My guess is "Admin Prohibit".

Updated 2023 IPS/AV/ABOT R81.20 Course now
available at maxpowerfirewalls.com

EVSolovyev · ‎2019-03-21

Yes, you are right. Day ago after I understand, that it is not CP problem and found it.

00:30:20.379482 IP (tos 0x10, ttl 64, id 35366, offset 0, flags [DF], proto: TCP (6), length: 60) 31.173.230.232.10500 > 80.237.91.168.smtp: S, cksum 0x41a2 (correct), 3769254737:3769254737(0) win 5840 <mss 1460,sackOK,timestamp 634374519 0,nop,wscale 10>
00:30:20.507952 IP (tos 0x0, ttl 59, id 62007, offset 0, flags [none], proto: ICMP (1), length: 88) 80.237.91.168 > 31.173.230.232: ICMP host 80.237.91.168 unreachable - admin prohibited, length 68

So the problem on a remote side.

Are you a member of CheckMates?

Failed to connect to SMTP server - smtp Traffic Rejected