Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
300
Views
5
Helpful
3
Replies

Access-list

Go to solution
tung
Level 1
Level 1

‎02-15-2007 10:24 PM - edited ‎03-03-2019 03:47 PM

Hello,

I have a question about access list. I would like to allow only this network 64.18.0.0 mask 255.255.240.0 to relay smtp message to our router. How can I do it? Thanks

Allow This >>>>64.18.0.0 mask 255.255.240.0

Our router IP is 172.16.20.10

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
devang_etcom
Level 7
Level 7
In response to tung

‎02-16-2007 10:15 AM

it is denying the any other source with the any ip addreess SNMP request for the destination address of 172.16.20.10...

so only the subnet or the network which is allowed in the first statment with the permit key work will only interact with the 172.16.20.10 for SNMP all other subnet will be denied...

regards

Devang

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎02-15-2007 11:00 PM

Hi

access-list SMTP permit tcp 64.18.0.0 0.0.15.255 host 172.16.20.10 eq 25

access-list SMTP deny tcp any host 172.16.20.10 eq 25

Apply the access-list inbound on the router interface.

Those two lines will do what you ask but be aware that there is an implicit deny at the end of any access-list so at the very least you need

access-list SMTP permit ip any any

HTH

Jon

Go to solution
tung
Level 1
Level 1
In response to Jon Marshall

‎02-16-2007 10:04 AM

Jon, I was curious what is the access-list SMTP deny tcp any host 172.16.20.10 eq 25 is for? Thanks

0 Helpful

Go to solution
devang_etcom
Level 7
Level 7
In response to tung

‎02-16-2007 10:15 AM

it is denying the any other source with the any ip addreess SNMP request for the destination address of 172.16.20.10...

so only the subnet or the network which is allowed in the first statment with the permit key work will only interact with the 172.16.20.10 for SNMP all other subnet will be denied...

regards

Devang

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card