473,851 Members | 2,137 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

how can i access web mail through vpn client?

2 New Member
I have configured remote access VPN with local pool in ASA firewall however im accessing all the resources(my private network such as servers ) through Asa firewall after getting connected the VPN but i cant the mailing server through web mail(ports like 80).Please check the configs

Expand|Select|Wrap|Line Numbers
  1. PuTTY log 2010.10.13 13:11:53 
  4. User Access Verification
  6. Password: 
  7. Type help or '?' for a list of available commands.
  9. IFASA> en
  10. Password: **************
  12. IFASA# sh run
  13. : Saved
  14. :
  15. ASA Version 7.1(2) 
  16. !
  17. hostname IFASA
  18. domain-name default.domain.invalid
  19. enable password 8pkSRCt/lliZt3SZ encrypted
  20. names
  21. !
  22. interface Ethernet0/0
  23.  description "Connected with internet router on port F0/0"
  24.  nameif outside
  25.  security-level 0
  26.  ip address 
  27. !
  28. interface Ethernet0/1
  29.  description "Connected with Core switch on port G0/1"
  30.  nameif inside
  31.  security-level 100
  32.  ip address 
  33. !
  34. interface Ethernet0/2
  35.  nameif dmz
  36.  security-level 50
  37.  ip address 
  38. <--- More --->
  40. !
  41. interface Management0/0
  42.  description ##Management Port####
  43.  nameif mgm
  44.  security-level 90
  45.  no ip address
  46.  management-only
  47. !
  48. passwd 8pkSRCt/lliZt3SZ encrypted
  49. ftp mode passive
  50. dns server-group DefaultDNS
  51.  domain-name default.domain.invalid
  52. access-list outside_access_in extended permit icmp any any echo-reply 
  53. access-list outside_access_in extended permit icmp any any source-quench 
  54. access-list outside_access_in extended permit icmp any any unreachable 
  55. access-list outside_access_in extended permit icmp any any time-exceeded 
  56. access-list inside_nat0_outbound extended permit ip any 
  57. access-list inside_nat0_outbound extended permit ip 
  58. access-list inside_nat0_outbound extended permit ip 
  59. access-list inside_nat0_outbound extended permit ip 
  60. access-list inside_nat0_outbound extended permit ip 
  61. access-list inside_nat0_outbound extended permit ip 
  62. access-list inside_nat0_outbound extended permit ip host 
  63. access-list inside_nat0_outbound extended permit ip 
  64. access-list inside_nat0_outbound extended permit ip 
  65. access-list inside_nat0_outbound extended permit ip 
  66. access-list inside_nat0_outbound extended permit ip 
  67. access-list inside_nat0_outbound extended permit ip 
  68. access-list inside_nat0_outbound extended permit ip 
  69. access-list inside_nat0_outbound extended permit ip 
  70. access-list inside_nat0_outbound extended permit ip 
  71. access-list inside_nat0_outbound extended permit ip 
  72. access-list inside_nat0_outbound extended permit ip 
  73. access-list inside_nat0_outbound extended permit ip 
  74. access-list inside_nat0_outbound extended permit ip 
  75. access-list inside_nat0_outbound extended permit ip host 
  76. access-list inside_nat0_outbound extended permit ip 
  77. access-list inside_nat0_outbound extended permit ip host 
  78. access-list inside_nat0_outbound extended permit ip 
  79. access-list inside_nat0_outbound extended permit ip 
  80. access-list inside_nat0_outbound extended permit ip 
  81. access-list inside_nat0_outbound extended permit ip host 
  82. access-list inside_nat0_outbound extended permit ip 
  83. access-list inside_nat0_outbound extended permit ip 
  84. access-list inside_nat0_outbound extended permit ip host 
  85. access-list inside_nat0_outbound extended permit ip host host 
  86. access-list inside_nat0_outbound extended permit ip host 
  87. access-list inside_nat0_outbound extended permit ip 
  88. access-list inside_nat0_outbound extended permit ip 
  89. access-list inside_nat0_outbound extended permit ip 
  90. access-list inside_nat0_outbound extended permit ip 
  91. access-list inside_nat0_outbound extended permit ip 
  92. access-list inside_nat0_outbound extended permit ip any 
  93. access-list outside_cryptomap_20 extended permit ip 
  94. access-list outside_cryptomap_20 extended permit ip 
  95. access-list outside_cryptomap_20 extended permit ip 
  96. access-list outside_cryptomap_20 extended permit ip 
  97. access-list outside_cryptomap_20 extended permit ip 
  98. access-list outside_cryptomap_20 extended permit ip host 
  99. access-list outside_cryptomap_20 extended permit ip 
  100. access-list outside_cryptomap_20 extended permit ip 
  101. access-list outside_cryptomap_20 extended permit ip 
  102. access-list outside_cryptomap_20 extended permit ip 
  103. access-list outside_cryptomap_20 extended permit ip 
  104. access-list outside_cryptomap_20 extended permit ip 
  105. access-list outside_cryptomap_20 extended permit ip 
  106. access-list outside_cryptomap_20 extended permit ip 
  107. access-list outside_cryptomap_20 extended permit ip host 
  108. access-list outside_cryptomap_20 extended permit ip 
  109. access-list outside_cryptomap_20 extended permit ip 
  110. access-list outside_cryptomap_20 extended permit ip host 
  111. access-list outside_cryptomap_20 extended permit ip 
  112. access-list outside_cryptomap_20 extended permit ip 
  113. access-list outside_cryptomap_20 extended permit ip 
  114. access-list outside_cryptomap_20 extended permit ip 
  115. access-list test extended permit ip host host 
  116. access-list test extended permit ip host host 
  117. access-list test extended permit ip host host 
  118. access-list test extended permit ip host host 
  119. access-list test extended permit ip host host 
  120. access-list test extended permit ip host host 
  121. access-list test extended permit ip host host 
  122. access-list test extended permit ip host host 
  123. access-list test extended permit ip host host 
  124. access-list test extended permit ip host host 
  125. access-list idea_splitTunnelAcl standard permit any 
  126. access-list dmz_nat0_outbound extended permit ip 
  127. access-list dmz_nat0_outbound extended permit ip host 
  128. access-list dmz_nat0_outbound extended permit ip 
  129. access-list dmz_nat0_outbound extended permit ip 
  130. access-list dmz_nat0_outbound extended permit ip 
  131. access-list dmz_nat0_outbound extended permit ip 
  132. access-list dmz_nat0_outbound extended permit ip 
  133. access-list dmz_nat0_outbound extended permit ip 
  134. access-list dmz_nat0_outbound extended permit ip host 
  135. access-list unity_splitTunnelAcl standard permit 
  136. access-list unity_splitTunnelAcl standard permit host 
  137. access-list unity_splitTunnelAcl standard permit host 
  138. access-list unity_splitTunnelAcl standard permit host 
  139. access-list inside_access_in extended permit ip any any 
  140. pager lines 24
  141. logging enable
  142. logging asdm informational
  143. mtu outside 1500
  144. mtu inside 1500
  145. mtu dmz 1500
  146. mtu mgm 1500
  147. ip local pool ifdhcp mask
  148. ip local pool nexttoidea mask
  149. ip local pool ideavpnpool mask
  150. asdm image disk0:/asdm.bin
  151. asdm history enable
  152. arp timeout 14400
  153. nat-control
  154. global (outside) 1
  155. global (outside) 2
  156. global (outside) 3
  157. global (outside) 5 interface
  158. nat (inside) 0 access-list inside_nat0_outbound
  159. nat (inside) 5
  160. nat (inside) 5
  161. nat (inside) 5
  162. nat (inside) 5
  163. nat (inside) 5
  164. nat (dmz) 0 access-list dmz_nat0_outbound
  165. nat (dmz) 5
  166. route outside 1
  167. route inside 1
  168. route inside 1
  169. route inside 1
  170. timeout xlate 3:00:00
  171. timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  172. timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
  173. timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
  174. timeout uauth 0:05:00 absolute
  175. group-policy unity internal
  176. group-policy unity attributes
  177.  wins-server value
  178.  dns-server value
  179.  split-tunnel-policy tunnelspecified
  180.  split-tunnel-network-list value unity_splitTunnelAcl
  181.  default-domain value confidign
  182. group-policy nexttoideavpn internal
  183. group-policy nexttoideavpn attributes
  184. dns-server value
  185.  vpn-tunnel-protocol IPSec 
  186.  default-domain value confidign
  187. group-policy nextgenvpn internal
  188. group-policy nextgenvpn attributes
  189.  dns-server value
  190.  vpn-tunnel-protocol IPSec 
  191.  default-domain value confidign
  192. group-policy idea internal
  193. group-policy idea attributes
  194.  split-tunnel-policy tunnelspecified
  195.  split-tunnel-network-list value idea_splitTunnelAcl
  196. username testasa password xz64BOi0/q9vNlsO encrypted
  197. username BalamuruganJ password bC0quptZGNndczai encrypted privilege 0
  198. username BalamuruganJ attributes
  199.  vpn-group-policy unity
  200. username spice password eLlcIWZLnszxmfPc encrypted
  201. username remotevpn password 19ozm5I0mkO2G1Fj encrypted
  202. username karthik password spKyg06wKqb2qpG2 encrypted
  203. username cisco password 3USUcOPFUiMCO4Jk encrypted privilege 15
  204. username MadhavanG password TG5ToGaURcla8SES encrypted privilege 0
  205. username MadhavanG attributes
  206.  vpn-group-policy unity
  207. username idea1 password Cxl84giZLtfZKg8T encrypted
  208. username igidel password drlk5lzEa04hxmFa encrypted privilege 0
  209. username igidel attributes
  210.  vpn-group-policy idea
  211. aaa authentication ssh console LOCAL 
  212. aaa authentication http console LOCAL 
  213. http server enable
  214. http outside
  215. http inside
  216. http inside
  217. http inside
  218. http inside
  219. http inside
  220. http inside
  221. http inside
  222. http mgm
  223. http mgm
  224. snmp-server host inside community gqmaps
  225. no snmp-server location
  226. no snmp-server contact
  227. snmp-server community gqmaps
  228. snmp-server enable traps snmp authentication linkup linkdown coldstart
  229. snmp-server enable traps syslog
  230. sysopt noproxyarp outside
  231. crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac 
  232. crypto dynamic-map outside_dyn_map 10 set transform-set ESP-3DES-SHA
  233. crypto dynamic-map outside_dyn_map 10 set security-association lifetime seconds 288000
  234. crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA
  235. crypto dynamic-map outside_dyn_map 40 set transform-set ESP-3DES-SHA
  236. crypto dynamic-map outside_dyn_map 40 set security-association lifetime seconds 288000
  237. crypto dynamic-map Outside_dyn_map 10 set reverse-route
  238. crypto dynamic-map Outside_dyn_map 40 set reverse-route
  239. crypto map outside_map 20 match address outside_cryptomap_20
  240. crypto map outside_map 20 set peer 
  241. crypto map outside_map 20 set transform-set ESP-3DES-SHA
  242. crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
  243. crypto map outside_map interface outside
  244. crypto map Outside_map 40 ipsec-isakmp dynamic Outside_dyn_map
  245. isakmp identity address 
  246. isakmp enable outside
  247. isakmp policy 1 authentication pre-share
  248. isakmp policy 1 encryption 3des
  249. isakmp policy 1 hash sha
  250. isakmp policy 1 group 2
  251. isakmp policy 1 lifetime 43200
  252. isakmp policy 10 authentication pre-share
  253. isakmp policy 10 encryption 3des
  254. isakmp policy 10 hash sha
  255. isakmp policy 10 group 2
  256. isakmp policy 10 lifetime 28800
  257. isakmp nat-traversal  20
  258. tunnel-group type ipsec-l2l
  259. tunnel-group ipsec-attributes
  260.  pre-shared-key *
  261. tunnel-group idea type ipsec-ra
  262. tunnel-group idea general-attributes
  263.  address-pool ifdhcp
  264. tunnel-group idea ipsec-attributes
  265.  pre-shared-key *
  266. tunnel-group nexttoideavpn type ipsec-ra
  267. tunnel-group nexttoideavpn general-attributes
  268.  address-pool nexttoidea
  269.  default-group-policy nexttoideavpn
  270. tunnel-group nexttoideavpn ipsec-attributes
  271.  pre-shared-key *
  272. tunnel-group nextgenvpn type ipsec-ra
  273. tunnel-group nextgenvpn general-attributes
  274.  address-pool ideavpnpool
  275.  default-group-policy nextgenvpn
  276. tunnel-group nextgenvpn ipsec-attributes
  277.  pre-shared-key *
  278. telnet outside
  279. telnet inside
  280. telnet inside
  281. telnet inside
  282. telnet inside
  283. telnet inside
  284. telnet inside
  285. telnet inside
  286. telnet inside
  287. telnet inside
  288. telnet timeout 60
  289. ssh outside
  290. ssh inside
  291. ssh inside
  292. ssh inside
  293. ssh inside
  294. ssh timeout 5
  295. console timeout 0
  296. !
  297. class-map inspection_default
  298.  match default-inspection-traffic
  299. !
  300. !
  301. policy-map global_policy
  302.  class inspection_default
  303.   inspect dns maximum-length 51
  304.   inspect ftp 
  305.   inspect h323 h225 
  306.   inspect h323 ras 
  307.   inspect netbios 
  308.   inspect rsh 
  309.   inspect rtsp 
  310.   inspect skinny 
  311.   inspect esmtp 
  312.   inspect sqlnet 
  313.   inspect sunrpc 
  314.   inspect tftp 
  315.   inspect sip 
  316.   inspect xdmcp 
  317.   inspect icmp 
  318. !
  319. service-policy global_policy global
  320. Cryptochecksum:b5ff87410a5ca4bacd9ac2fbddf91aa8
  321. : end
  323. IFASA#   
  324. IFASA# 

Please help me.I really appreciate!...
Nov 14 '10 #1
2 3078
4,677 Recognized Expert Moderator Specialist
That's a huge ruleset, so I'm not going to be able to go through it line-by-line or apply it to a personal device to test.

I would recommend finding the line that allows access to your mail port, and disabling all the others, then testing your mail access. If that doesn't work, the rule is incorrect. If that does work, another rule is overriding that rule, and you should re-enable them one at a time until you find the one that's causing the issue.

Good luck!
Nov 14 '10 #2
2 New Member

thanks,your response.

shall i put this command?..

Expand|Select|Wrap|Line Numbers
  1. access-list WEB permit tcp eq 80
  3. access-list TELNET permit tcp eq 23
  5. access-list smtp permit tcp eq 25
  8. access-list pop3 permit tcp eq 110
Please advice me.
Nov 15 '10 #3

Sign in to post your reply or Sign up for a free account.

Similar topics

by: runningdog | last post by:
Hi Can someone point me to some documentation on how to create and send email from a win forms app using the defalt mail client TIA Steve
by: Gama Franco | last post by:
Hi, I'm working on a project based in Windows Forms, and I need to open the user's default e-mail client (a new e-mail) with some attachments ready to send. Since the destination of the e-mail is unknow at this point I can't send it using the SmtpMail.Send() method. And because of the attachments I'm not able to open the new e-mail using the "mailto:" technique. Is there any other way to solve this problem keeping in mind that the
by: vijaygparikh | last post by:
HI i am writting a code for open default mail client and it works fine. i want to attach a file with the default mail client but file is not attached with "mailto:" option. If any one has idea about open default mail client with attach files using "mailto:" then pls reply me. Thanks in Advance. regards
by: Robbie De Sutter | last post by:
Hello, How do I open a new, empty e-mail message from the default e-mail client whereby the sender is given and a file is attached? Currently I use the command (vb.net): --- System.Diagnostics.Process.Start("mailto:someone@somewhere&subject=the% 20subject") ---
by: John Lafrowda | last post by:
Hello experts, I'm coding a routine which should open a new mail form of the mail standard mail client installed on a system (e.g. outlook, outlook express, netscape mail, etc.) for support reasons. The routine should fill in some textual information. It should, however, not mail the information directly. The user should be able to check the contents of the mail and he should be able to edit the mail before sending it. Consequently, I...
by: Landley | last post by:
Hello, Is there a way of creating an email, attaching a file and sending using the client's default mail client? I am looking for a none email client specific solution that does not involve specifying parameters such as mail servers etc. Cheers,
by: Bernhard Straub | last post by:
Hi, using vb .NET 2003 I am trying to open the standard mail client. The mail window should open and the user should be able to choose the recipient, add some text to the mail etc. Using Process.Start with "mailto" doesn't help as I want to add attachments already in the code. I don't want to use the Outlook reference as the user may not have Outlook installed on the system. I found that something called Simple MAPI may be used but I...
by: apasj06 | last post by:
hello everyone: I am trying to send email via php. I using window XP home edition. My mail client is outlook express. I configured mail client to send email via my aol email account. mail server information: mail account: imap.aol.com
by: subhadip | last post by:
Hi, I want to generate New mail alert for any mail client at client side . I want to check if any new mail has arrived in my inbox or not . the mail client be anything . I want to do this for those mails which don't give any desktop alert when new mail arrievs . i will login to my e-mail and then activate the javascript . it will periodically retrieve the text contents of my inbox and refresh the page , store it in a
by: =?Utf-8?B?R2lkaQ==?= | last post by:
Hi, In my webform, I've a checkbox and when it's checked, i want to open the client's email program (outlook, mozila and so..), add the the "to" and "subject" to that mail. I tried this code: string toEmail = "Gidi Shwartzman <gidi@checkpoint.com>"; string subject = "I'd like to participate in CP Besketball"; string message = string.Format("mailto:{0}?subject={1}", toEmail, subject);
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.