PIX-ACL

dhavaltandel
Level 1

Hello All,

I have set up a mail server behind a PIX firewall; internally the mail server works fine. The only problem is from outside. The following is the ACL configured on the PIX:

access-list 200 extended permit tcp any eq pop3 host xx.xx.xx.xx eq pop3

access-list 200 extended permit tcp any eq smtp host xx.xx.xx.xx eq smtp

where xx.xx.xx.xx is the private IP address of the mail server.

Is this rule enough for running a mail server behind the firewall, and does this rule seem correct?

NAT translation has also been configured correctly.

Thanks,

Dhaval Tandel

Accepted Solutions

jpl861
Level 4

Hi Dhaval.

Source port should not be pop3. This should be your inbound access-list on the outside interface.

access-list 200 extended permit tcp any host xx.xx.xx.xx eq pop3

access-list 200 extended permit tcp any host xx.xx.xx.xx eq smtp

xx.xx.xx.xx should be the public IP of the server if it should be accessed through the Internet. Then use the "static" command to translate the server's private IP to the public IP.

Regards,

John
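
Why the source-port match keeps outside clients out, as an added example that is not part of the original posts: a small Python evaluator for the two ACL forms in this thread, run against inbound connections that use ephemeral source ports. The address 203.0.113.10 stands in for xx.xx.xx.xx, and the packets and function names are constructed for illustration.

```python
# Added example: minimal evaluator for the two ACL forms in this thread.
# Handles only "permit tcp" entries with "any" / "host <ip>" and optional "eq <port>".
PORTS = {"pop3": 110, "smtp": 25}
SERVER = "203.0.113.10"  # constructed placeholder standing in for xx.xx.xx.xx

ORIGINAL = [f"access-list 200 extended permit tcp any eq {p} host {SERVER} eq {p}" for p in PORTS]
CORRECTED = [f"access-list 200 extended permit tcp any host {SERVER} eq {p}" for p in PORTS]
# Constructed packets: outside hosts connect from ephemeral source ports.
SMTP_IN = {"src": "198.51.100.7", "sport": 49152, "dst": SERVER, "dport": 25}
POP3_IN = {"src": "198.51.100.9", "sport": 50514, "dst": SERVER, "dport": 110}

def parse_endpoint(tokens):
    """Consume 'any' or 'host <ip>' plus an optional 'eq <port>' from tokens."""
    addr = tokens.pop(0)
    if addr == "host":
        addr = tokens.pop(0)
    elif addr != "any":
        raise ValueError(f"unsupported address form: {addr}")
    port = None
    if tokens and tokens[0] == "eq":
        name = tokens[1]
        del tokens[:2]
        port = PORTS.get(name) or int(name)
    return addr, port

def parse_ace(line):
    """Return ((src_addr, src_port), (dst_addr, dst_port)) for one ACL entry."""
    tokens = line.split()
    if tokens[0] != "access-list" or tokens[2:5] != ["extended", "permit", "tcp"]:
        raise ValueError(f"unsupported entry: {line}")
    rest = tokens[5:]
    src, dst = parse_endpoint(rest), parse_endpoint(rest)
    if rest:
        raise ValueError(f"trailing tokens in entry: {rest}")
    return src, dst

def matches(ace, pkt):
    (s_addr, s_port), (d_addr, d_port) = ace
    return (s_addr in ("any", pkt["src"]) and s_port in (None, pkt["sport"])
            and d_addr in ("any", pkt["dst"]) and d_port in (None, pkt["dport"]))

def permitted(acl_lines, pkt):
    """A packet passes if any permit entry matches; otherwise the implicit deny applies."""
    return any(matches(parse_ace(line), pkt) for line in acl_lines)

if __name__ == "__main__":
    for name, acl in (("original", ORIGINAL), ("corrected", CORRECTED)):
        print(name, "smtp:", permitted(acl, SMTP_IN), "pop3:", permitted(acl, POP3_IN))
```

The original entries would only pass a connection whose source port is itself 25 or 110, which an ordinary mail client or remote server does not use.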

Hello JOHN

Thanks,

I resolved my issue.

Thanks

Dhaval Tandel
