Solved

How to Allow POP and IMAP through Cisco 5505 from specific public outside IP addresses

Posted on 2009-05-15
5
538 Views
Last Modified: 2012-05-07
Hi all -

Please advise commands to allow pop and imap connections in to Exchange server from two public ip address only.

Many thanks
0
Comment
Question by:ZenRoots
  • 3
  • 2
5 Comments
 
LVL 43

Expert Comment

by:JFrederick29
ID: 24397478
Instead of this which is probably what you currently have (or something similar):

access-list outside_access_in extended permit tcp any interface outside eq pop3
access-list outside_access_in extended permit tcp any interface outside eq imap

Do this instead:

access-list outside_access_in extended permit tcp host x.x.x.x interface outside eq pop3
access-list outside_access_in extended permit tcp host y.y.y.y interface outside eq imap

Remove the existing rules allowing "any".
0
 

Author Comment

by:ZenRoots
ID: 24398164

Thanks JFrederick29

This seems to be what I want... please confirm the following syntax breakdown:

access-list outside_access_in extended permit tcp host x.x.x.x interface outside eq pop3
 
The access-list name = outside_access_in
Type = extended
Rule = permit
tcp protocol = pop3
IP address of external host = x.x.x.x
interface name = outside
eq = protocol (default port)

In "plain" english this allows external host x.x.x.x access via the ASA's outside interface using the pop3 port (110)


this access-list is used in conjunction with:
 
static (inside,outside) tcp interface pop3 xx.xx.xx.xx pop3 netmask 255.255.255.255

Is this interpertation correct?

Many thanks,
ZenRoots
 
0
 
LVL 43

Accepted Solution

by:
JFrederick29 earned 250 total points
ID: 24398184
Yes, correct, exactly right.
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 24398193
Just remember to remove the old rules allowing "any" once the new rules are in place.
0
 

Author Closing Comment

by:ZenRoots
ID: 31582003
Thanks JFrederick29   Very concise and clear anwsers.  
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Can Cisco resolve internet address internally 4 44
Cisco universal IOS upgrade from ipbase to ipservices 4 107
eigrp routing loop 5 42
Cisco switch suggestion 5 50
Cisco Pix/ASA hairpinning The term, hairpinning, comes from the fact that the traffic comes from one source into a router or similar device, makes a U-turn, and goes back the same way it came. Visualize this and you will see something that looks …
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question