Darrel Winbush
asked on
Monitoring port 16464 on a Cisco ASA 5500
I'm having an issue with out external IP being blacklisted, I have been researching this all day and have followed these instructions in order to only allow stmp traffic to flow from my mail server.
http://www.petenetlive.com/KB/Article/0000172.htm
I would like to narrow down the issue so i can find the client thats causing the issue. Some of the posts i have read and the info i received from the CBL say to monitor traffic on port 16464 but i'm not sure how to setup that rule on the Cisco firewall.
Message from CBL is below -
"If this IP address is a NAT gateway, it should be possible to find which computer on your internal network is infected by implementing a filter on your firewall to detect and log attempts to send UDP packets to the Internet with a destination port number of 16464."
Can someone give me some step by step instructions on how to set this up? and what and where to look for when it is?
Thank you
http://www.petenetlive.com/KB/Article/0000172.htm
I would like to narrow down the issue so i can find the client thats causing the issue. Some of the posts i have read and the info i received from the CBL say to monitor traffic on port 16464 but i'm not sure how to setup that rule on the Cisco firewall.
Message from CBL is below -
"If this IP address is a NAT gateway, it should be possible to find which computer on your internal network is infected by implementing a filter on your firewall to detect and log attempts to send UDP packets to the Internet with a destination port number of 16464."
Can someone give me some step by step instructions on how to set this up? and what and where to look for when it is?
Thank you
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER