Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1060
  • Last Modified:

Cisco ASA allow certain range of IPs through ASA

I have a cisco ASA, I would like to only allow a certain range of IP address through port 25.  We currently allow all.  What is the command to only allow a range.

access-list outside_access_in extended permit tcp any interface outside eq smtp log

The ranges would be 192.168.144.0/21 and 192.168.64.0/22.  Any help would greatly be appreciated.
0
TJacoberger1
Asked:
TJacoberger1
1 Solution
 
aluddingtonCommented:
TJacoberger1,

According to the information that you have provided these are the following access-list that you are looking for:

access-list inbound extended permit tcp 192.168.144.0 255.255.248.0 interface outside eq smtp
access-list inbound extended permit tcp 192.168.64.0 255.255.252.0 interface outside eq smtp

Keep in mind that these access list assume that you have Static's pointing to your mail server.

static (inside,outside) tcp interface smtp 192.168.X.X smtp netmask 255.255.255.255

where  192.168.X.X is the ip of your mail server.

0
 
Istvan KalmarCommented:
you need to add'clear xlate' afret that you chaged it....
0
 
KendzastCommented:
clear local-host
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now