Hello.
I've got a problem with a fortigate 60d 5.2.2. I've got a Exchange 2010 server, I cannot receive e-mail from external mail servers. My NAT rule on port 25 is OK. My policy is also good. I have no UTM profile activated on the policy rule. On the firewall custom security policy is applied with no Security Features "antivirus, Application controle, Email filter, Intruion Protection etc.. Are disable).
I can connect to the Exchange server using telnet on port 25, so the NAT (VIP) and access rules are OK.
Any idea ?
Thank you.
This isn't much to go on, can you post (via screenshots) your fw policy information (san any identifiable IP addresses), including any address object labels and VIPS.
It would also help if you can provide any troubleshooting steps you have performed so far. (e.g. checking the Fortigate and Exchange logs for any unusually messages, checking those outside servers for any errors, etc.) If your exchange server has an "outside" IP address or is using the Fortigate's IP, check the usually anti-spam sites (e.g. Spamhaus) to see if either IP address is blocked. Enabling the count column on your fw policy list to see which policies are being hit.
Try running debug flow, something like the following:
diag debug reset
diag debug flow filter addr <source IP address>
diag debug flow show console enable
diag debug flow trace start 100
diag debug en
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
any update?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.