kzackery
asked on
Configuring Cisco router to block all traffic except port 443 and 25 to my one-to-one NAT public IP address
Cisco Router RV016
I am using a Cisco router firewall for my network. I recently set up Exchange Server and used the one-to-one NAT feature on the router to forward all incoming traffic from a public IP to the internal address of my server. That worked fine. However, now I am trying to secure my mail server from incoming attacks on that public IP. Is there a way to block all incoming traffic on that public IP except for port 25 and 443?
Thanks
ASKER CERTIFIED SOLUTION
ASKER
Ok Don,
I got it. Correct me if I'm wrong, but it should be set to local area network, and then the source IP would be the public IP address that I want to block traffic coming from and the destination would be that of my mail server. How do I know that the ports are being blocked now that I have set it? Is there a way to verify?
Sorry. I can't remember the screen and the docs don't have very good screenshots. As I recall, it was pretty straightforward. I think you can specify that traffic from any address can come in only if it's going to a specific port.
ASKER
Is there a way to check to see if the ports are blocked?
It should show in the firewall or filter settings.
http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00800a5b9a.shtml#topic2
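
One way to answer the "is there a way to verify?" question from outside the router, as an added example that is not from the thread: run from a host outside the LAN, it attempts TCP connections to the public IP and reports every port whose state disagrees with the intended policy (25 and 443 reachable, everything else blocked). The address `192.0.2.10` is a placeholder and the list of extra ports is an assumption about what an Exchange host might expose.

```python
import socket
import sys

ALLOWED = {25, 443}  # ports the thread wants reachable on the one-to-one NAT IP


def probe(host, port, timeout=2.0):
    """Return 'open', 'closed' (connection refused) or 'filtered' (no answer)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"
    except OSError:  # timeout or unreachable: a dropping firewall looks like this
        return "filtered"
    finally:
        s.close()


def audit(host, ports, allowed=ALLOWED, timeout=2.0):
    """Compare observed port states with the policy; return the mismatches."""
    findings = []
    for port in ports:
        state = probe(host, port, timeout)
        if port in allowed and state != "open":
            findings.append((port, state, "should be reachable"))
        elif port not in allowed and state == "open":
            findings.append((port, state, "should be blocked"))
    return findings


if __name__ == "__main__":
    # Placeholder address (TEST-NET-1); pass your own public IP as argument 1.
    host = sys.argv[1] if len(sys.argv) > 1 else "192.0.2.10"
    # Assumed set of ports to check: web, POP3/IMAP, RPC, SMB, submission, RDP.
    ports = [25, 80, 110, 135, 143, 443, 445, 587, 993, 995, 3389]
    problems = audit(host, ports)
    for port, state, why in problems:
        print(f"port {port}: {state}, {why}")
    if not problems:
        print("observed TCP port states match the policy")
```

This only covers TCP and only the ports listed, and it must be run from the internet side, since traffic from inside the LAN does not pass through the inbound access rules.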