• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 562
  • Last Modified:

How to Allow POP and IMAP through Cisco 5505 from specific public outside IP addresses

Hi all -

Please advise commands to allow pop and imap connections in to Exchange server from two public ip address only.

Many thanks
0
ZenRoots
Asked:
ZenRoots
  • 3
  • 2
1 Solution
 
JFrederick29Commented:
Instead of this which is probably what you currently have (or something similar):

access-list outside_access_in extended permit tcp any interface outside eq pop3
access-list outside_access_in extended permit tcp any interface outside eq imap

Do this instead:

access-list outside_access_in extended permit tcp host x.x.x.x interface outside eq pop3
access-list outside_access_in extended permit tcp host y.y.y.y interface outside eq imap

Remove the existing rules allowing "any".
0
 
ZenRootsAuthor Commented:

Thanks JFrederick29

This seems to be what I want... please confirm the following syntax breakdown:

access-list outside_access_in extended permit tcp host x.x.x.x interface outside eq pop3
 
The access-list name = outside_access_in
Type = extended
Rule = permit
tcp protocol = pop3
IP address of external host = x.x.x.x
interface name = outside
eq = protocol (default port)

In "plain" english this allows external host x.x.x.x access via the ASA's outside interface using the pop3 port (110)


this access-list is used in conjunction with:
 
static (inside,outside) tcp interface pop3 xx.xx.xx.xx pop3 netmask 255.255.255.255

Is this interpertation correct?

Many thanks,
ZenRoots
 
0
 
JFrederick29Commented:
Yes, correct, exactly right.
0
 
JFrederick29Commented:
Just remember to remove the old rules allowing "any" once the new rules are in place.
0
 
ZenRootsAuthor Commented:
Thanks JFrederick29   Very concise and clear anwsers.  
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Choose an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now