Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 487
  • Last Modified:

How do I create an extended ACL for an ASA to restrict outbound SMTP traffic?

I had planned on adding the two access-list commands to the outbound access group, but my ASA doesn't like the eq at the end of the first command.

Access-list outbound extended permit ip 10.254.1.0 255.255.225.0 eq smtp
Access-list outbound extended deny ip any any eq smpt
0
guitar_dave
Asked:
guitar_dave
1 Solution
 
JFrederick29Commented:
You need to use TCP for the protocol (not IP) and you forgot the destination (any).  At the end of the list add a "permit ip any any" to allow all other traffic or else the default action is to deny all.

access-list outbound extended permit tcp 10.254.1.0 255.255.225.0 any eq smtp
access-list outbound extended deny tcp any any eq smtp
access-list outbound extended permit ip any any
0
 
guitar_daveAuthor Commented:
Thank you
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now