Solved

prevent all outbound port 25 traffic on all but one IP

Posted on 2013-10-25
1
426 Views
Last Modified: 2013-11-07
I have a network that is blacklisted. I need to stop all traffic on port 25 from leaving the ASA except from one IP address (my security mail appliance).  
I'm learning (but still weak) on ASA CLI.
Here's code I've found on the web:

access-list inbound_on_inside permit tcp any host 1.1.1.1 eq smtp
access-list inbound_on_inside deny tcp any any eq smtp
access-list inbound_on_inside permit ip any any
access-group inbound_on_inside in interface inside

I'm assuming the 1.1.1.1 will be my appliance IP and that this is ALL I need to do to stop SMTP traffic from any machine/device inside the lan from leaving the ASA except the IP I have inserted in the 1.1.1.1 location.  If not, please advise.

Also, I would like to monitor any SMTP traffic hitting the ASA, now being blocked, to find the rogue station(s).  All my anti-virus scans are showing the machines to be healthy and clean.  

Thank you for any thoughts/help/constructive statements

daver
0
Comment
Question by:davebird
1 Comment
 
LVL 35

Accepted Solution

by:
Ernie Beek earned 500 total points
ID: 39608901
Assuming you're host is on the inside (doh), the line:
access-list inbound_on_inside permit tcp any host 1.1.1.1 eq smtp
should be:
access-list inbound_on_inside permit tcp host 1.1.1.1 any eq smtp

For logging the hits, use:
access-list inbound_on_inside deny tcp any any eq smtp log
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

This is about downgrading PIX Version 8.0(4) & ASDM 6.1(5) to PIX 7.2(4) and ASDM 5.2(4) but with only 64MB RAM and 16MB flash. Background: You have a Cisco Pix 515E which was running on PIX 7.2(4) and its supporting ASDM 5.2(4) without any i…
When I upgraded my ASA 8.2 to 8.3, I realized that my nonat statement was failing!   The log showed the following error:     %ASA-5-305013: Asymmetric NAT rules matched for forward and reverse flows It was caused by the config upgrade, because t…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now