On Saturday 10/27/07, I had updated my Cisco Pix configuration to Restricting SMTP to specific external IP addresses. I was able to send and receive email through Outlook. But I cannot access OWA from outside. So I reverted back to the original settings.
Here is the proposed config from Saturday:
! erase the current access-list
no access-list outside_access_in
! Reapply the initial entries
access-list outside_access_in permit tcp any host 22.214.171.124 eq www
access-list outside_access_in permit tcp any host 126.96.36.199eq www
access-list outside_access_in deny ip any host 188.8.131.52
! allow incoming mail from the two ip ranges
access-list outside_access_in permit tcp 184.108.40.206 255.255.255.248 host MAILSERVER-IP-ADDRESS eq smtp
access-list outside_access_in permit tcp 220.127.116.11 255.255.255.248 host MAILSERVER-IP-ADDRESS eq smtp
! deny all other incoming mail
access-list outside_access_in deny tcp any host MAILSERVER-IP-ADDRESS eq smtp
access-list outside_access_in permit ip any any
! reapply the access-list to the interface
access-group outside_access_in in interface outside
Where would be the OWA entry? or would it be in the line below?
static (inside,outside) tcp xxxxxx (my note- External IP) smtp xxxxx (my note- Internal IP) smtp netmask 255.255.255.255 0 0
I also have two smtp servers. I wonder if I need to make another entry for the second one and similar to the line above.