Solved

prevent all outbound port 25 traffic on all but one IP

Posted on 2013-10-25
1
436 Views
Last Modified: 2013-11-07
I have a network that is blacklisted. I need to stop all traffic on port 25 from leaving the ASA except from one IP address (my security mail appliance).  
I'm learning (but still weak) on ASA CLI.
Here's code I've found on the web:

access-list inbound_on_inside permit tcp any host 1.1.1.1 eq smtp
access-list inbound_on_inside deny tcp any any eq smtp
access-list inbound_on_inside permit ip any any
access-group inbound_on_inside in interface inside

I'm assuming the 1.1.1.1 will be my appliance IP and that this is ALL I need to do to stop SMTP traffic from any machine/device inside the lan from leaving the ASA except the IP I have inserted in the 1.1.1.1 location.  If not, please advise.

Also, I would like to monitor any SMTP traffic hitting the ASA, now being blocked, to find the rogue station(s).  All my anti-virus scans are showing the machines to be healthy and clean.  

Thank you for any thoughts/help/constructive statements

daver
0
Comment
Question by:davebird
1 Comment
 
LVL 35

Accepted Solution

by:
Ernie Beek earned 500 total points
ID: 39608901
Assuming you're host is on the inside (doh), the line:
access-list inbound_on_inside permit tcp any host 1.1.1.1 eq smtp
should be:
access-list inbound_on_inside permit tcp host 1.1.1.1 any eq smtp

For logging the hits, use:
access-list inbound_on_inside deny tcp any any eq smtp log
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Many of the companies I’ve worked with have embraced cloud solutions due to their desire to “get out of the datacenter business.” The ability to achieve better security and availability, and the speed with which they are able to deploy, is far grea…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question