Solved

Cisco ASA allow certain range of IPs through ASA

Posted on 2011-02-22
3
1,049 Views
Last Modified: 2012-05-11
I have a cisco ASA, I would like to only allow a certain range of IP address through port 25.  We currently allow all.  What is the command to only allow a range.

access-list outside_access_in extended permit tcp any interface outside eq smtp log

The ranges would be 192.168.144.0/21 and 192.168.64.0/22.  Any help would greatly be appreciated.
0
Comment
Question by:TJacoberger1
3 Comments
 
LVL 1

Accepted Solution

by:
aluddington earned 500 total points
ID: 34958057
TJacoberger1,

According to the information that you have provided these are the following access-list that you are looking for:

access-list inbound extended permit tcp 192.168.144.0 255.255.248.0 interface outside eq smtp
access-list inbound extended permit tcp 192.168.64.0 255.255.252.0 interface outside eq smtp

Keep in mind that these access list assume that you have Static's pointing to your mail server.

static (inside,outside) tcp interface smtp 192.168.X.X smtp netmask 255.255.255.255

where  192.168.X.X is the ip of your mail server.

0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34958233
you need to add'clear xlate' afret that you chaged it....
0
 
LVL 4

Expert Comment

by:Kendzast
ID: 34959304
clear local-host
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco IP Phone upgrade 3 26
Cisco ASA LDAP Authentication for VPN and Management 8 34
Point to point connection slow in one direction only 15 45
Switch ports not working 8 32
This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question