cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Shivajith_S
Nickel

Firewall not receving Smtp

The scenario is Smtp packet nor able to reach cp security gateways from external to inside ( it's means from internet ) traffic hit can not see in the firewall logs for Smtp,  did not done any changes on the policy , hence  twisted is can able to telnet the public ip with port 25 from outside , But this traffic also not able to see in the logs , total mails are down from external to internal , in ISP side able to see the smtp traffic ...even not showing accept or drop ...

Bit wied issue...

5 Replies

Re: Firewall not receving Smtp

In this case, it is better to contact TAC.

I had same issue once time. We didn't receive any email from external mail servers.

The issue was IPS. I suggest to you should check log Prevent action from SmartLog Tracker. If it is IPS prevent, you have to create exception on Threat Prevention rule.

0 Kudos
Shivajith_S
Nickel

Re: Firewall not receving Smtp

In this case did failover in firewall ( firewall in cluster )started to receive. 

Do know why is the root cause...

Do migth be the issue with hotfix ?

Running take 46 r80.1 over ver.

0 Kudos

Re: Firewall not receving Smtp

You can try to do an fw ctl zdebug + drop | grep smtp from expert mode on the gateway, and perhaps see why its being dropped.  

0 Kudos
Employee
Employee

Re: Firewall not receving Smtp

Seems the R80.10 Jumbo Hotfix Accumulator you are using is old

please see sk116380 - Jumbo Hotfix Accumulator for R80.10 for information regarding latest JHF versions

What blades are enabled on the cluster? Is the issue still reproducing after cluster fail-over? did you open a ticket with TAC that we can track? You can contact me offline at marioz@checkpoint.com

0 Kudos
Shivajith_S
Nickel

Re: Firewall not receving Smtp

Hi Mario Zuker,

The issue was resolved , we cleared the arp, made failover...now it's able to see traffic .but our partner got log and submitted to CP TAC they said got some connectivity issue , I am not sure why onli one traffic affected remain all working the same connection still mystery...

0 Kudos