SMTP Alerts not working across VPN

MadJester · August 27, 2010, 6:36am

I setup a L2TP VPN between a RB433 and an RB450. The VPN appears to work correctly. I can use HTTP to connect to devices at the remote site (10.20.100.0/24), from the core site (10.20.252.0/24). I can ping devices and use remote desktop, or VNC to control windows systems.

There are IP cameras at the remote site, that use SMTP to send alerts back to a server application (10.20.252.50). These alerts are not functioning properly. I see the TCP connection come across the VPN, but it appears in a close wait state and then disappears after it times out 18 seconds later. The connection has the source address of the public IP on the remote host site, and the destination address of the server, on port 25.

These alerts function perfectly from within the same subnet, but they do not work across the VPN. The camera’s error is: "Sending e-mail failed, error #14:"Mail server did not respond (on connect mail server) " This works perfectly on the same LAN as the server.

Suggestions are appreciated.

MadJester · August 27, 2010, 6:43pm

OK, had an unnecessary NAT Masq rule. I removed that and connections are coming in from the internal IP now. Application is still not working, but I can telnet to the SMTP port and get responses across the VPN.

Any suggestions on how to troubleshoot the SMTP alerts from here?

fewi · August 27, 2010, 7:07pm

Sniff traffic on the mail server and see if traffic makes it there. If it does not, sniff traffic on all hops towards the camera and check where you can still see it. If it does make it to the mailserver, also sniff traffic on all hops towards the camera and check if you can see return traffic.