Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How do I create an access list to control SMTP traffic?

Status
Not open for further replies.
phaqgm

phaqgm

MIS
Jul 15, 2003
5
US
I want to create an access list(s) that will only allow specific IP's through the firewall for SMTP traffic. So instead of the normal config:

access-list outin permit tcp any host <<IP>> eq smptp

I want to be able to allow specific IP addresses instead of ANY.
 
Sort by date Sort by votes
access-list outin permit tcp host <source ip address> host <target ip address> eq smtp
 
Upvote 0 Downvote
I have tried that, but it is saying it's an invalid command. I figured that was the correct syntax, but it will not work.
 
Upvote 0 Downvote
It works on my firewall. See:
pixfirewall(config)# sh ver

Cisco PIX Firewall Version 6.2(1)

Compiled on Wed 17-Apr-02 21:18 by morlee

pixfirewall up 2 days 3 hours

Hardware: SE440BX2, 128 MB RAM, CPU Pentium II 350 MHz
Flash i28F640J5 @ 0x300, 16MB
BIOS Flash AT29C257 @ 0xfffd8000, 32KB

0: ethernet0: address is 0002.b322.d504, irq 11
1: ethernet1: address is 0002.b322.cea2, irq 10
Licensed Features:
Failover: Enabled
VPN-DES: Enabled
VPN-3DES: Disabled
Maximum Interfaces: 6
Cut-through Proxy: Enabled
Guards: Enabled
URL-filtering: Enabled
Inside Hosts: Unlimited
Throughput: Unlimited
IKE peers: Unlimited

Serial Number: 18051260 (0x11370bc)
Running Activation Key: 0x71a1f483 0xc43565a8 0x0e2e6a7a 0x9355496e
Configuration last modified by enable_15 at 06:36:26.649 UTC Thu Jul 17 2003
pixfirewall(config)#

pixfirewall(config)# sh access-list
access-list outin; 1 elements
access-list outin permit tcp host 10.1.1.1 host 20.1.1.1 eq smtp (hitcnt=0)
pixfirewall(config)#

Which version are you running?

 
Upvote 0 Downvote
Thank you, fmonteiro!

Your post helped me out. I realized after looking at your config why I couldn't get it to take my specified IP addresses.

When I was trying to configure originally I was typing:

access-list outin permit tcp x.x.x.x host x.x.x.x eq smtp

instead of:

access-list outin permit tcp host x.x.x.x host x.x.x.x eq smtp

Sometimes all it takes is an extra set of eyes. Thanks for being my extra set of eyes!

Tim
 
Upvote 0 Downvote
Thank you, fmonteiro!

Your post helped me out. I realized after looking at your config why I couldn't get it to take my specified IP addresses.

When I was trying to configure originally I was typing:

access-list outin permit tcp x.x.x.x host x.x.x.x eq smtp

instead of:

access-list outin permit tcp host x.x.x.x host x.x.x.x eq smtp

Sometimes all it takes is an extra set of eyes. Thanks for being my extra set of eyes!

Tim
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Skip Rango
  • Locked
  • Question
how to backup cisco sg500-52p switch
Replies
1
Views
751
madwok
madwok
CPM86
  • Locked
  • Question
Cisco isr 4331 with IOS and sip busy fail over to 2nd sip number on pbx?
Replies
0
Views
524
CPM86
CPM86
B
  • Locked
  • Question
Cisco IP phone 7841 8851 unable to forward all to external number
Replies
0
Views
373
badwolf1686
B
jobsp90
  • Locked
  • Question
I have a issue in my office hospital network regarding using IPPBX software.
Replies
2
Views
471
DavetheChef
DavetheChef
Luzbel
  • Locked
  • Question
Connecting HVAC controller to network
Replies
0
Views
548
Luzbel
Luzbel

Part and Inventory Search

Sponsor

Back
Top