asked on
Cisco PIX 501 access-list configuration
Greetings,
I am looking at configuring a client's site to where they can only send SMTP port 25 to their hosted mail server. I don't want them send SMTP e-mail to any other server. Their mail server IP is 74.53.229.82. What would their access-list need to look like?
This is what it currently looks like:
access-list Palmer_Private standard permit 10.0.0.0 255.0.0.0
access-list Palmer_Private standard permit 192.168.0.0 255.255.0.0
access-list Palmer_Private standard permit 172.16.0.0 255.255.0.0
access-list outside_access_in extended permit icmp any any unreachable
access-list outside_access_in extended permit icmp any any time-exceeded
access-list outside_access_in extended permit tcp any host 71.42.96.58 eq pptp
access-list outside_access_in extended permit icmp any any echo-reply
access-list inside_nat0_outbound extended permit ip 10.0.0.0 255.255.255.0 10.0.0.0 255.255.255.0
access-list outside_cryptomap_20 extended permit ip 10.0.0.0 255.255.255.0 10.0.10.0 255.255.255.0
I am looking at configuring a client's site to where they can only send SMTP port 25 to their hosted mail server. I don't want them send SMTP e-mail to any other server. Their mail server IP is 74.53.229.82. What would their access-list need to look like?
This is what it currently looks like:
access-list Palmer_Private standard permit 10.0.0.0 255.0.0.0
access-list Palmer_Private standard permit 192.168.0.0 255.255.0.0
access-list Palmer_Private standard permit 172.16.0.0 255.255.0.0
access-list outside_access_in extended permit icmp any any unreachable
access-list outside_access_in extended permit icmp any any time-exceeded
access-list outside_access_in extended permit tcp any host 71.42.96.58 eq pptp
access-list outside_access_in extended permit icmp any any echo-reply
access-list inside_nat0_outbound extended permit ip 10.0.0.0 255.255.255.0 10.0.0.0 255.255.255.0
access-list outside_cryptomap_20 extended permit ip 10.0.0.0 255.255.255.0 10.0.10.0 255.255.255.0
Cisco
Last Comment
raptorjb007