Unable to telnet on port 143 on the public ip of the server
I have a mail server behind a firewall ( ASA 8.3 ), and I have made the configuration in order to telnet on port 143 ( natting and access rule ), but when I try to telnet to the server from the inside ( telnet on the private ip ) I get the following response : OK the Microsoft Exchange IMAP4 service is ready. But when I try it from the outside ( telnet on the public ip ) the port seemes to be opened but I get a blank screen without the message. I have removed the inspection also but nothing happened.
Please I need your help.
Hello Osama,
Can you post the nat configuration and the ACL configuration for this setup?
Also provide the following?
packet-tracer input outside tcp x.x.x.x (host on the outside) 1025 x.x.x.x( public ip address of the server) 143
Then I would like to create some captures, but first let work on this!
Regards,
Julio
Similar Messages
-
I am having a problem moving files from an imac in one location to an imac inanother location. I have tried using Dropbox which is installed in both locations but when i drad a file ino yhe app it becomes an alias. When I get to the other location it says I can't open the file because the " original application that created it is not present". This is despite the fact that the app that created both files is installed in both computers. If I use the Public folder in the idisc, when I get to the other location the file isn't there. Am I forgetting to turn something on or off? Should I manually sync the Public folder and if so how? Thanks
Message was edited by: stephenfromdelray beachSo now that's two of us. Hopefully, someone has an answer.
-
Access to the Public Templates in the Favourites Tab in the Shop Cart scree
Hi All,
How to find out who has the access to the Public Templates in the Favourites Tab in the Shopping Cart screen in EBP 3.O version.
Any Inputs will be highly appreciated.
Thanks
SunilHi All,
How to find out who has the access to the Public Templates in the Favourites Tab in the Shopping Cart screen in EBP 3.O version.
Any Inputs will be highly appreciated.
Thanks
Sunil -
I can't get my pictures into the public folder on the iPad 3. Can someone walk me through the steps?
Ok, I'll give it a try.
Presuming you already have a Dropbox account, and you have the app on your pad.
Open the app, navigate to public folder. Touch the upload icon at the bottom. It will show you everything you have already uploaded. To upload a new picture, then touch the plus sign at the top right. You can create one or more subfolders to organize it however you want.
Hit the plus sign again if needed, and the photo listing will show up. Find the photos you want and mark them by touching them. Then touch the blue word upload in the upper right.
( the directions assume the pad is in the landscape mode.)
That's really all there is to it. As I typed this I opened and uploaded a couple of pics to get the steps right. -
Unable to telnet to port 25 from within or without the network.
Hi there, I have been wrestling with firewall and mail settings in Server Admin to enable mail services for a client and could use some assistance as I am new to mail administration on OS X.
I am trying to isolate whether or not I am being blocked by the firewall or by erroneous setup in Mail Settings.
The firewall service on the network "any" has a check for Mail: SMPT for both TCP and UPD on the "Services" tab.
At this point I am just working with SMTP for outbound mail only. I have a suspicion that I am not setting the parameters for local internet domain name, and internet host name correctly; or that the settings I have are correct, but not valid.
The hostname of the server is ##-###-##-###.atgi.net, where ## correspond with the numbers in each octet of the IP address. The MX record is pointing to smtp.CLIENT'SDOMAN.com. (where CLIENTS'SDOMAIN is the actual domain for this company) (Registrar is Network Solutions, I do not have DNS enabled on this server)
SMTP settings are as follows:
Enable SMTP is checked
Allow Incoming mail is not checked
domain name is: ##-###-##-###.atgi.net
Host Name is: smtp.CLIENT'SDOMAIN.com
Everything else in mail settings not active.
Here are the SMTP log entires when I sart mail service:
Oct 9 00:02:32 66-182-60-162 postfix/postfix-script: stopping the
Postfix mail system
Oct 9 00:02:32 66-182-60-162 postfix/master[13377]: terminating on signal 15
Oct 9 00:02:32 66-182-60-162 postfix/master[14147]: daemon started --
version 2.1.5
Questions:
1. Shouldn't I be able to see smptd running at this point?
2. Telnet to port 25 on the server itself and outside the network is rejected, wth?
3. Should I change the local internet domain ##-###-##-### to be the client's actual domain name?
Any help that anyone could provide would be greatly appreciated. If I can provide more supporting documentation, please just let me know what would be useful. I am quite new to OS X / Darwin, more comfortable with linux.
Thanks in advance$ sudo postconf -n
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter =
daemon_directory = /usr/libexec/postfix
debugpeerlevel = 2
enableserveroptions = yes
html_directory = no
inet_interfaces = localhost
localrecipientmaps = proxy:unix:passwd.byname $alias_maps
luser_relay =
mail_owner = postfix
mailboxsizelimit = 0
mailbox_transport = cyrus
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
messagesizelimit = 10485760
mydestination = $myhostname,localhost.$mydomain
mydomain = xpressprintnow.com
mydomain_fallback = localhost
myhostname = smtp.xpressprintnow.com
mynetworks = 127.0.0.0/8
mynetworks_style = host
newaliases_path = /usr/bin/newaliases
queue_directory = /private/var/spool/postfix
readme_directory = /usr/share/doc/postfix
sample_directory = /usr/share/doc/postfix/examples
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpdclientrestrictions = hash:/etc/postfix/smtpdreject
smtpdenforcetls = no
smtpdpw_server_securityoptions = plain
smtpdrecipientrestrictions = permitsasl_authenticated,permit_mynetworks,reject_unauthdestination,permit
smtpdsasl_authenable = yes
smtpdtls_certfile = /etc/certificates/Default.crt
smtpdtls_keyfile = /etc/certificates/Default.key
smtpduse_pwserver = yes
smtpdusetls = no
unknownlocal_recipient_rejectcode = 550
virtualmailboxdomains =
virtual_transport = virtual -
Before upgrading to this version of Firefox I could simultaneously have my public version and my admin version of my web-site open. I could make changes in the admin version and then check to make sure the public version registered and displayed the changes just as I wanted them. Now it keeps switching so both of them are public or both of them are admin. I want to know how to disarm this function. Thanks!
Start Firefox in [[Safe Mode]] to check if one of your add-ons is causing your problem (switch to the DEFAULT theme: Tools > Add-ons > Themes).
See [[Troubleshooting extensions and themes]] and [[Troubleshooting plugins]]
If it does work in Safe-mode then disable all your extensions and then try to find which is causing it by enabling one at a time until the problem reappears.
You can use "Disable all add-ons" on the [[Safe mode]] start window to disable all extensions.
You have to close and restart Firefox after each change via "File > Exit" (Mac: "Firefox > Quit"; Linux: "File > Quit") -
Building configuration...
Current configuration : 3351 bytes
! No configuration change since last restart
version 15.1
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
boot-start-marker
boot-end-marker
logging buffered 51200 warnings
no aaa new-model
memory-size iomem 10
crypto pki token default removal timeout 0
crypto pki trustpoint TP-self-signed-1515919628
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1515919628
revocation-check none
rsakeypair TP-self-signed-1515919628
crypto pki certificate chain TP-self-signed-1515919628
certificate self-signed 01
ip source-route
ip dhcp excluded-address 10.10.10.1
ip dhcp pool ccp-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
ip cef
no ip domain lookup
ip domain name yourdomain.com
no ipv6 cef
license udi pid CISCO881-K9 sn FCZ1639C2EX
interface FastEthernet0
no ip address
interface FastEthernet1
no ip address
interface FastEthernet2
no ip address
interface FastEthernet3
no ip address
interface FastEthernet4
ip address 10.1.1.245 255.255.255.0
ip access-group KARIDGE in
ip access-group KARIDGE out
duplex auto
speed auto
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 100.241.190.125 255.255.255.240
ip tcp adjust-mss 1452
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip route 0.0.0.0 0.0.0.0 100.241.190.113
ip access-list extended KARIDGE
permit ip host 10.1.1.6 any
permit ip any host 10.1.1.6
access-list 23 permit 10.10.10.0 0.0.0.7
no cdp run
line con 0
login local
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
endCan you connect throght SSH? Which is the error message that you see?
Looking at your configuration file I don´t see the lines "enable secret" neither "enable password". If you don´t define them you can´t connect remotely to any device. -
A problem with accessing the public variable inside the function
Hi,
I have got this package and I get error 1120: 1120: Access of undefined property aa
Could you explain why I get this error?
package somepackage {
import flash.display.DisplayObject;
import mx.containers.Canvas;
public class SoundPictureSigns extends Canvas {
public var aa:int = 12;
public function SoundPictureSigns():void {
public static function setUpSignSizes():void {
trace("aa="+aa); /// ERROR here: 1120: Access of undefined property aa
Can you help?
RegardsWhen you write
class C
var v;
you are defining a variable that lives inside each instance of C. In other words, you can write code like
var c:C = new C();
c.v = 1;
If you don't have an instance, you can't access v.
When you write
class C
static var v;
you are defining a variable that lives inside the class itself, and you can access it without having an instance.
Gordon Smith
Adobe Flex SDK Team -
TMobile and Sony should not scam the public by selling the defective piece of junk xperia
this phone is a total LEMON, A PIECE OF CRAP.
Why does a company sell me a phone for $1000 (before tax) that they know does not work properly?
This is nothing but a scam dirt-bag. company,
What kind of company sells you this junk, and then does not stand behind it?T-mobile isn't selling the Z1 yet...
-
Unable to Telnet / SSH to a particular cisco switch
Hello,
I have an unusual issue that I just can't seem to track down. We have a Windows Server 2008 R2 box that is unable to telnet or ssh to one switch in our network.
Server IP: 10.0.0.74
Cisco Switch IP: 10.1.0.7
I am able to access all other switches/routers on the 10.1.0.x network, but not this one. I ping and tracert by ip address and name.
We have a number other servers on our network and they all can access this switch
Example:
a. 10.0.0.73 can telnet/ssh to 10.1.0.7
b. 10.0.0.72 can telnet/ssh to 10.1.0.7
c. 10.0.0.50 can telnet/ssh to 10.1.0.7
d. My workstation (10.0.250.213) can telnet/ssh to 10.1.0.7
If anyone can help with troubleshooting further, I would greatly appreciate it.Thanks for the reply Philippe! Here is the route print
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.2 10.0.0.74 266
10.0.0.0 255.255.0.0 On-link 10.0.0.74 266
10.0.0.74 255.255.255.255 On-link 10.0.0.74 266
10.0.255.255 255.255.255.255 On-link 10.0.0.74 266
10.10.0.0 255.255.0.0 On-link 10.0.0.74 266
10.10.0.74 255.255.255.255 On-link 10.0.0.74 266
10.10.255.255 255.255.255.255 On-link 10.0.0.74 266
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.74 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.74 266
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 10.0.0.2 Default
===========================================================================
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
Firewall is disabled and there is no active antivirus. Im pretty sure port blocking is not the issue. I am able to ssh and telnet from this box to every other switch/router in our network.
This server has Solarwinds on it and tracks the health of our network (servers, routers, switches, ups, ect.). The only reason we noticed an issue is because it stopped backing up the config for this particular switch. All other switchs/routers
config is backed up to this server every morning at 2:00AM.
With solarwinds, this server is also able to communicate with this switch via snmp / icmp and ping.
Thanks again for the help! -
Cannot receive mail from .Mac account on port 143
I use my laptop at work. I used to have a 12" Powerbook G4 running OS X 10.4.3. I had no problem receiving mail from my .Mac account. Now, and all of a sudden, I can no longer receive my .Mac mail using the Mail app. The error I get is:
The server "mail.mac.com" refused to allow a connection on port 143.
I called AppleCare about this issue last night and they told me to perform the following steps:
1. Choose .Mac in System Preferences and delete my username and password from the Account tab.
2. Move com.apple.mail.plist and the Mail folder from my ~/Library folder to the desktop.
3. Restart the Mail app and re-import the Mail folder from the desktop. I was told not to directly copy the Mail folder from the desktop into the ~/Library folder.
4. Go back into .Mac in System Preferences and re-enter my account information.
According to AppleCare, things should now work. But there's a little problem with this "solution." I spoke with my network admin and he told me that incoming traffic on port 143 is blocked. That being the case, I fail to see how any of the above steps will solve my problem. It seems nothing more than an issue of trying to get my network admin to open port 143 and he seems reluctant to do that.
Any feedback would be appreciated.
Thanks,
RichardI've solved this problem. Well, actually, I didn't do anything other than:
1) Rebooting my computer, then...
2) Following the instructions at the top of the following thread to re-create my email accounts (I had two):
http://discussions.apple.com/message.jspa?messageID=1598309#1598309
Not sure what this fixed, and how I got into this issue in the first place.
I had four or five days worth of email to come in... it took...
...a...
...long...
...time...
But its looking like its working.
A few things I tried, and although they didn't have an immediate effect to fix the connection refused problem, they might have kicked something to start something working again:
1) Created a new 'test' user on the system, restarted, logged in as that user, and started Mail.app setting it up with .Mac settings (it was after this everything worked)
2) Changed SSL ports in the accounts settings (no difference)
3) Turned firewall on and off (no difference)
4) Attempted to use Thunderbird to read .Mac email as IMAP mailbox (didn't work)
Hope this rather obvious help helps anyone else -
I'm running 10.5.5. For the last two weeks my mail app is almost unusable. I've been working with my host company and they are certain the issue is with Mac Mail. When I try to delete emails the emails wont move to the trash folder and I get a port 143 time out message that reads, "the connection to the server mail.mydomain.com on port 143 timed out." This issue is on my desktop, macbook and my wife's macbook. I would appreciate any help, or just to know that we are not alone with this problem.
I've tried deleting all mail accounts, removing the file com.apple.mail.plist, but after all that the problem still exists. We use Comcast.
Thanks!This is not a Mail issue, so don't get comfortable with that fallacy. ISPs and others always blame Apple because they only know Windoze, so they assume that every problem with a Mac must be an Apple issue. The fact that it's only been happening for two weeks is proof it's not an Apple issue. There are other causes for this problem and we haven't eliminated all of them yet.
Try these steps:
1. Quit Mail if it's running.
2. Go to Home/Library/Caches/Mail and delete all the sub-folders within that one.
3. Go to Home/Library/Mail and delete any of these files you have there:
• LSMMap3
• Envelope Index
4. Restart Mail and allow it to import your existing messages; when it's done, test it to see if you can now delete messages using the default Incoming port of 143 or Port 995 with password authentication and SSL enabled. You might also try changing the default Outgoing port to 587 from whatever it is currently, again with password authentication and SSL enabled.
If it works correctly, then your problem is resolved.
Mulder -
NAT support - how to obtain the public IP address?
Hi
I am developing an instant messenger in which users can start a conversation with another user through obtaining the IP address of the intended recipient from a mySQL database on the web server.
This works fine within a local network. However, the address in the database upon user login is the private IP address within the LAN and not the global address - consequently my software cannot be used outside the LAN currently.
Is it possible to use a method within the java.net library to send the public (global) address of the client to a server? And if so, how can I handle the ability to receive a reply from the server (which would arrive at the public IP the message was sent from, ie. the NAT firewall) so that it is delivered to the correct port and private IP on the client?
Joe BarberIf the server is on the public internet and the client is on a private network the server will see the public address and port, and can get it from a connected socket. Unfortunately if the nat box uses DHCP there is no guarantee that this will be the same next time, so persisting that value in a database is not a good idea. If both the client and server are behind nat gateways, they cannot directly establish calls. The better choice for these kind of systems is to run the server on the public internet on a well known address and have your clients connect to the server.
You will find lots of discussion on the difficulties of nat and p2p on this forum and by looking in google. -
Error writing the handshake string to the newly established connection. (02
Hi
I am having problems connecting from my Master to the Local Distributor server both on Solaris 10
I am using ssh with ssl and select encryption, no authentication on the Master
I was able to ssh from master to LD with prompt
I check the path it was correct
When I installed the LD I specified ssh
I turn on the Debug and got the following results
Debug from SPS Viewing Host Information
Trace route to 10.233.12.38:70001 failed. (022167)
Error writing the handshake string to the newly established connection. (022181)
Connection handshake failed, invalid handshake string. Ensure that the path to the N1 Service Provisioning System application is correct, the application is configured to accept ssh connections and that you can ssh to the machine without any prompts.
[debug1: channel 0: obuf empty, debug1: channel 0: close_write, debug1: channel 0: output drain -> closed, debug1: channel 0: almost dead, debug1: channel 0: gc: notify user, debug1: channel 0: gc: user detached, debug1: channel 0: send close, debug1: channel 0: is dead, debug1: channel 0: garbage collecting, debug1: channel_free: channel 0: client-session, nchannels 1, debug3: channel_free: status: The following connections are open:, #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1), , debug3: channel_close_fds: channel 0: r -1 w -1 e 7, debug1: fd 0 clearing O_NONBLOCK, debug1: fd 1 clearing O_NONBLOCK, debug1: fd 2 clearing O_NONBLOCK, debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.1 seconds, debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0, debug1: Exit status 1](022138)
Debug from cr_server.out
2007-07-12 15:49:57,342 ERROR [Connection [127.0.0.1305]-[10.233.12 .38:70001]:Reader] com.raplix.rolloutexpress.net.transport.Connection$Rea
dThread (Connection.java:515) - Exception when reading from connection in
put:Connection [127.0.0.1:98305]-[10.233.0.38:70001]:Closing connecti
on:
Unable to make connection handshake using data, "0". (022195)
Ok what am I mssingHi,
I am not quite sure where exactly you get an error. Are you trying to prepare an agent that connects to your newly installed LD?
You did mention the following:
I was able to ssh from master to LD with promptDo you mean you could login from the MS to the LD without password and got the OS prompt? What you have to make sure is that your ssh authentication works for the n1sps user (or whatever you have chosen during installation) from MS to LD and from LD to RA. That involves copying the public key from the MS n1sps user to the .ssh/authorized_keys files on the LD and RA. And after that, you should check the connections manually:
1. From the MS: ssh <LD> ls -al
2. From the MS: ssh <LD> ssh <RA> ls -al
These both commands should work without any prompts and after that, you shouldn't get any error messages in SPS anymore.
HTH,
Michael -
Separate security for both of two distinct parties - 1 the data owner - 2 the application owner
I have written a web application in .net that runs on a shared server using Sql Server 2012. My program is only useful if I partner with certain data owners. I need to protect my program; they need to protect their data. I am assuming they at least run Sql
Server 2008 R2. I need to interface with their database using a couple of stored procedures. I want these procedures to only be available to my application, and I want the processes and output of the stored procedures to be apparent to me and to my application
alone. I assume they want their data to only be available to my application, not to me generally. This application needs to be available from my website, as well as from their website. I realize this question touches on areas outside of Sql Server Security
as it reaches into basic architecture as well. Any help or pointers to help would be greatly appreciated.
Thank you,That article discusses the situation in a single instance of SQL Server and is in no way applicable to a scenario where you want to set up trust between a web server and an SQL Server instance.
There is one thing you can do with certificate, that possibly may be appliable to your situation. Say that you develop the stored procedures at your site, and then deploy them at the other site. You want to make sure that the procedures are not modified
locally. To this end yon can sign the stored procedure with a certificate locally. When you ship the procedures, you also ship the public key of the certificate, and in the install script you use ADD SIGNATURE WITH BLOB to sign them. You take that blob from
your home system.
Your web application can then repeatedly check that the procedures are signed with the correct signature. It the procedure is changed locally, the signature is lost. They can re-sign it locally, but not with the certificate you shipped.
This does not prevent other users from calling the stored procedures or look at the code. For that you need trust and contracts between humans.
Erland Sommarskog, SQL Server MVP, [email protected]
Maybe you are looking for
-
Error while activating the transformation for cube
Hi everyone, I m working on BI7, & while activating the transformations the system trrows an error saying that 'amount infoobject is not assained' and 'unit of measure is not used' even though I hav assigned both the fields to Amount infoobject. wo
-
Problem with serial number, when I bought Keynote on Mac App Store
Hi, I bought yesterday Keynote and Numbers yesterday in online Mac App Store, not retail. I had had trial version, but over time. I bought this software, system this software installed. But when I run this software, it want serial number or buy ... w
-
Work flow mails not processing from SAP Outbox to Approvers
Hello, We are working on the implementation of Work flow for Purchase orders. Work flow customization is completed and even work flow is triggering when ever I create Purchase Order. Even Agent assignment also completed for work flow tasks via T code
-
I just bought a used computer and i am currently updating this computer to Mavericks upgrade for free. How can I wipe it clean, and also how can I reset the password from the sellers password?
-
A buzzing when I turn my computer on?
This is the first problem I've ever experianced with my MacBook (white). I got it back in June and it has worked fine until this morning when I turned it on and it started making this obnoxious buzzing and grinding sound that won't stop until I turn