ZenRoots
asked on
How to Allow POP and IMAP through Cisco 5505 from specific public outside IP addresses
Hi all -
Please advise commands to allow pop and imap connections in to Exchange server from two public ip address only.
Many thanks
Please advise commands to allow pop and imap connections in to Exchange server from two public ip address only.
Many thanks
ASKER
Thanks JFrederick29
This seems to be what I want... please confirm the following syntax breakdown:
access-list outside_access_in extended permit tcp host x.x.x.x interface outside eq pop3
The access-list name = outside_access_in
Type = extended
Rule = permit
tcp protocol = pop3
IP address of external host = x.x.x.x
interface name = outside
eq = protocol (default port)
In "plain" english this allows external host x.x.x.x access via the ASA's outside interface using the pop3 port (110)
this access-list is used in conjunction with:
static (inside,outside) tcp interface pop3 xx.xx.xx.xx pop3 netmask 255.255.255.255
Is this interpertation correct?
Many thanks,
ZenRoots
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Just remember to remove the old rules allowing "any" once the new rules are in place.
ASKER
Thanks JFrederick29 Very concise and clear anwsers.
access-list outside_access_in extended permit tcp any interface outside eq pop3
access-list outside_access_in extended permit tcp any interface outside eq imap
Do this instead:
access-list outside_access_in extended permit tcp host x.x.x.x interface outside eq pop3
access-list outside_access_in extended permit tcp host y.y.y.y interface outside eq imap
Remove the existing rules allowing "any".