Although I have created the rule, SMTP is blocked

I have created a NAT 1:1 rule, see pictures.
I have created a security policy, see pictures.
Despite this, I do not get SMTP allowed. I only want certain IP addresses to be allowed access. These are from Office 365.
Please help I can't get any further.

Best Answers

  • pedritorico
    pedritorico Posts: 2
    First Comment
    edited April 12 Answer ✓

    Hi everyone,

    @PeterUK the nat rule was wrong, I have changed to any and now it works. Thank you very much.

    But do I need also a outgoing rule?

    regards

  • PeterUK
    PeterUK Posts: 3,461  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited April 12 Answer ✓

    By default their is a rule to send any traffic outgoing I guess you have a Mail server then with a trusted IP to send mail.

All Replies

  • PeterUK
    PeterUK Posts: 3,461  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited April 11

    Are you sure you need inbound connection and not outbound?

    Some ISP block port 25

    looking at your NAT rule source IP should be any it makes no sense to be WAN1_IP that for external

  • smb_corp_user
    smb_corp_user Posts: 168  Master Member
    5 Answers First Comment Friend Collector Second Anniversary

    Are you sure that TCP port 25 is allowed for Office 365 in your case? The normal port to use is 587 (STARTTLS) for modern and current subscriptions, unless you are using Exchange.

    TCP Port 25 is insecure and exposed, just like HTTP without SSL.

  • pedritorico
    pedritorico Posts: 2
    First Comment
    edited April 12 Answer ✓

    Hi everyone,

    @PeterUK the nat rule was wrong, I have changed to any and now it works. Thank you very much.

    But do I need also a outgoing rule?

    regards

  • PeterUK
    PeterUK Posts: 3,461  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited April 12 Answer ✓

    By default their is a rule to send any traffic outgoing I guess you have a Mail server then with a trusted IP to send mail.

Security Highlight