?
Solved

accesslist help

Posted on 2009-02-11
3
Medium Priority
?
199 Views
Last Modified: 2012-05-06

permit tcp any eq 110 any

i have applied the above to the outbound of an interface, what does the permit statment does?

with that rule my internal server is able to connect to extermal email server

im wonderin which "any" means the external mail server

0
Comment
Question by:ammadeyy2020
  • 2
3 Comments
 
LVL 43

Accepted Solution

by:
JFrederick29 earned 2000 total points
ID: 23612113
Is it outbound towards the email server (outbound on the VLAN interface of the mail server) or is it outbound towards the external server?

If outbound towards the internal email server, it allows the return traffic from the external mail server.  The first any is the source, in this case the external mail server.  The second any is the destination, in this case your mail server.

If outbound towards the external mail server, it has no effect (well, it allows source ports of 110 to any destination) this would be required for connections to your mail server on 110 (inbound connections).
0
 

Author Comment

by:ammadeyy2020
ID: 23612196
its outbound towards internal mail server

so tthat means if x.x.x.x is externail mail server
permit tcp x.x.x.x eq 110 host 192.168.20.20

that means 192.168.20.20 recieves mail from x.x.x.x
correct?
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 23612251
The internal mail server 192.168.20.20 makes a connection to x.x.x.x on port 110 so the access-list rule allows the return traffic where x.x.x.x has a source port of 110 and the destination is 192.168.20.20.  This is needed because it is outbound toward the internal mail server.
0

Featured Post

Get quick recovery of individual SharePoint items

Free tool – Veeam Explorer for Microsoft SharePoint, enables fast, easy restores of SharePoint sites, documents, libraries and lists — all with no agents to manage and no additional licenses to buy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your computer hacked? learn how to detect and delete malware in your PC
In this article, the configuration steps in Zabbix to monitor devices via SNMP will be discussed with some real examples on Cisco Router/Switch, Catalyst Switch, NAS Synology device.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question