Solved

Cisco ASA allow certain range of IPs through ASA

Posted on 2011-02-22
3
1,056 Views
Last Modified: 2012-05-11
I have a cisco ASA, I would like to only allow a certain range of IP address through port 25.  We currently allow all.  What is the command to only allow a range.

access-list outside_access_in extended permit tcp any interface outside eq smtp log

The ranges would be 192.168.144.0/21 and 192.168.64.0/22.  Any help would greatly be appreciated.
0
Comment
Question by:TJacoberger1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 1

Accepted Solution

by:
aluddington earned 500 total points
ID: 34958057
TJacoberger1,

According to the information that you have provided these are the following access-list that you are looking for:

access-list inbound extended permit tcp 192.168.144.0 255.255.248.0 interface outside eq smtp
access-list inbound extended permit tcp 192.168.64.0 255.255.252.0 interface outside eq smtp

Keep in mind that these access list assume that you have Static's pointing to your mail server.

static (inside,outside) tcp interface smtp 192.168.X.X smtp netmask 255.255.255.255

where  192.168.X.X is the ip of your mail server.

0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34958233
you need to add'clear xlate' afret that you chaged it....
0
 
LVL 4

Expert Comment

by:Kendzast
ID: 34959304
clear local-host
0

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses
Course of the Month6 days, 6 hours left to enroll

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question