Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » KWF blocking MS-Exchange ?
  •  
parizelf

Messages: 2
Karma: 0
Send a private message to this user
Hi there,

We have a problem using Kerio Winroute Firewall : it seems the firewall engine blocks connections between the server running Kerio (which is a bridge-head MS Exchange 2003) and another server (main MS Exchange 2003), both on the same LAN.

Symptoms are as follows :
- the server running Kerio detects portscans from the second server.
- incoming emails arrive in the front Exchange SMTP queue, then should be routed (by SMTP) to the main Exchange server (hosting the mailboxes). Instead, they stay stuck forever in the queue.
- if we stop KWF, the emails are unqueued a couple of minutes later.

Those servers are hosted by an ISP, behind a firewall, so KWF is actually only used for the VPN module. Thus, the ruleset is quite simple : default rule is disabled, replaced by a rule authorizing everything from everyone to everyone on all ports. But this just doesn't seem to be enough.

Is there a SYN FLOOD and portscan blocking module or something that could interfere ? If so, how can it be deactivated ? We only need the VPN function of KWF...

Thanks for any help.
Regards,
-Fabrice.
  •  
parizelf

Messages: 2
Karma: 0
Send a private message to this user
After changing the Protocol Inspector option to None instead of Default, emails are not blocked anymore.

Quote answer from Kerio support :

Okay, KWF reports possible port scans, but does not block them. However, you are correct in disabling the protocol inspectors. In most cases (just about all of them actually) where email is blocked, it is a protocol inspection bug that is causing it.

You need the protocol inspectors turned on to scan email for viruses. So, if you are using antivirus features, you will need to continue to pursue this issue.


Case closed it seems.
Previous Topic: newbee!!!! can resolve some addresses
Next Topic: Windows 2003 64-bit
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sun Nov 19 04:18:36 CET 2017

Total time taken to generate the page: 0.00341 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.