Traps ESM - Failed Email Notifications using Gmail SMTP-Relay

L0 Member

Traps ESM - Failed Email Notifications using Gmail SMTP-Relay

Hello,

 

I am currently running the Traps ESM v4.1.2 console and core on a single Windows Server 2016 environment. I have been unable to get email notifications to send. When I send a test message within Settings > ESM > Email, I receive the error "Failed to send test message." My organization is using Google Apps / G-Suite, and I have ensured that our smtp-relay rule allows for all addresses to send through SMTP without requiring SMTP authentication or TLS encryption. Within the email settings on the ESM, I have provided a valid user account and password. I tried using smtp-relay.gmail.com and smtp.gmail.com on ports 25, 465, and 587.

 

Palo Alto Support has asked that I provide logs from Google's servers, which is not possible. Google support has assured me that nothing on their end should block smtp relays with my rule enabled. I am able to see the smtp traffic leave my network when I attempt to test notifications on the ESM. I also have several other services running on my network that use SMTP relay through Gmail and have no problems.

 

  • Has anyone else had any luck with enabling notifications with Google Apps?

 

  • Is there a log file that I can view on the ESM that is specific to SMTP / Notifications?

 

I would appriciate any advise on this issue. Thank you.

Tags (4)
L1 Bithead

Re: Traps ESM - Failed Email Notifications using Gmail SMTP-Relay

Got this to finally work by SMTP-Relay 

 

Go to your Admin Console (admin.google.com) > Apps > G Suite > Gmail.

 

Then go to Advanced settings > Routing > SMTP relay services.

 

Next to the setting named "Internal Servers" > Click Edit.

 

Add the external IP address that will send the email and a range if it more then one

 

please check "Require TLS" and Save the setting

 

After you save the changes, please go to the application's setup and for Host server use: smtp-relay.gmail.com

 

And for port try again 587.

 

Make sure your user name is password is correct... 

 

test email... 

 

 

L2 Linker

Traps ESM - Failed to send Test message Error

Hi Dears, 

 

We are trying to enable Email Reporting on ESM server. 

Filled all the required fields with correct information. Using the account which has accessibility to the SMTP Server. 

Tried configuring with SSL Enabled and Disabled, but no luck. getting error - Failed to Send Test Message.

Attaching the error screen shot. 

ESM email error.jpg

Kindly help getting this issue resolved.. 

 

Regards, 

Sandeep

L4 Transporter

Re: Traps ESM - Failed to send Test message Error

Sandeep,

 

I would recommend to reach out to Palo Alto support. Any of the support engineers would be more than happy to validate the settings for you, and answer any other questions you may have.

L1 Bithead

Re: Traps ESM - Failed to send Test message Error

was this ever solved?

I am seeing this now again with ESM V4.2.4 (V4.2.3 was working - see topic opened today)

L1 Bithead

Re: Traps ESM - Failed to send Test message Error

Look above cmaiorino (me) this was how I got it to work.
L1 Bithead

Re: Traps ESM - Failed to send Test message Error

Thx cmaiorino

I'm asking not in reply of the initial Gmail question, I'm asking in Reply of Sandeep_R - sorry for the confusion...

L1 Bithead

Re: Traps ESM - Failed to send Test message Error

Just to inform the community about the solution of problem faced by "Sandeep_R":

I had a (long) case open with paloalto networks. They confirmed that they have changed the whole eMail Framework with ESM Update V4.2.3 to V4.2.4 (I could not find this in the release notes...). With that change they have a now confirmed bug with smtp servers without certificate AND without user authentication (before we used no certificate, no user auth). They promised to fix in upcoming V4.2.5. To workaround the problem I installed a valid certificate on my smtp receiver first. In addition I was not able to add user authentication in our prod environment and that is why paloalto networks support provided a engineering fix where I had to replace two dll's. For the momment it works - I will check after upgrdaing to V4.2.5 again...

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!