We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now


Restrict port IP addresses

KMDComp asked
Medium Priority
Last Modified: 2013-11-16
Im getting ready to configure a CISCO ASA 5510 for our network.  Im fairly new to configuring firewalls and new to CISCO in general.  We host our own exchange server and we have our incoming email filtered for spam and viruses by an outside company.  Would it be possible to restrict forwarding on port 25 to only those IP addresses used by our email filtering services?  

Currently our exchange server is rejecting about 300k emails per day from computers trying to relay emails using only our IP address as the target.  Id like to see as many of those as possible rejected before they ever reach our server.  
Watch Question

Top Expert 2010
You would create an Access-list and apply it to the outside interface.  

You would need something similar to: http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080862017.shtml

You code would need to include something close to the following:

Static(inside,outside) <Outside IP> <Internal ip> netmask
Access-list Outside_access_in permit tcp host <ip address or mail host>  host <the outside static of your email server>  eq 25
access-group Outside_access_in in interface outside  

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.