• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 553
  • Last Modified:

How to Allow POP and IMAP through Cisco 5505 from specific public outside IP addresses

Hi all -

Please advise commands to allow pop and imap connections in to Exchange server from two public ip address only.

Many thanks
0
ZenRoots
Asked:
ZenRoots
  • 3
  • 2
1 Solution
 
JFrederick29Commented:
Instead of this which is probably what you currently have (or something similar):

access-list outside_access_in extended permit tcp any interface outside eq pop3
access-list outside_access_in extended permit tcp any interface outside eq imap

Do this instead:

access-list outside_access_in extended permit tcp host x.x.x.x interface outside eq pop3
access-list outside_access_in extended permit tcp host y.y.y.y interface outside eq imap

Remove the existing rules allowing "any".
0
 
ZenRootsAuthor Commented:

Thanks JFrederick29

This seems to be what I want... please confirm the following syntax breakdown:

access-list outside_access_in extended permit tcp host x.x.x.x interface outside eq pop3
 
The access-list name = outside_access_in
Type = extended
Rule = permit
tcp protocol = pop3
IP address of external host = x.x.x.x
interface name = outside
eq = protocol (default port)

In "plain" english this allows external host x.x.x.x access via the ASA's outside interface using the pop3 port (110)


this access-list is used in conjunction with:
 
static (inside,outside) tcp interface pop3 xx.xx.xx.xx pop3 netmask 255.255.255.255

Is this interpertation correct?

Many thanks,
ZenRoots
 
0
 
JFrederick29Commented:
Yes, correct, exactly right.
0
 
JFrederick29Commented:
Just remember to remove the old rules allowing "any" once the new rules are in place.
0
 
ZenRootsAuthor Commented:
Thanks JFrederick29   Very concise and clear anwsers.  
0

Featured Post

Identify and Prevent Potential Cyber-threats

Become the white hat who helps safeguard our interconnected world. Transform your career future by earning your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now