Port Openings

Unanswered Question
Jul 26th, 2007

I would like to allow outside world to access (smtp) on port 587 instead of traditional port 25. For outlook exchange 2007 server. *** Port 995 is for incoming traffic which replaces standard POP3 port 110.

Please let me know what I need to do and how to do it on the following configruation of my router. Thanks.

ip http server

ip http authentication local

ip http secure-server

ip nat inside source list NAT interface FastEthernet0/1.200 overload

ip nat inside source static 10.1.0.11 216.108.201.35

!

ip access-list extended NAT

deny ip 10.0.0.0 0.255.255.255 192.168.1.0 0.0.0.255

deny ip 10.0.0.0 0.255.255.255 192.168.2.0 0.0.0.255

permit ip 10.0.0.0 0.255.255.255 any

ip access-list extended Outside

permit tcp 63.146.60.0 0.0.0.255 any eq 22

permit tcp host 64.141.139.190 any eq 22

permit tcp any host 216.109.202.35 eq www

permit tcp any host 216.109.202.35 eq 443

permit tcp any host 216.109.202.36 eq www

permit tcp any host 216.109.202.36 eq 443

permit tcp any host 216.109.202.34 eq smtp

permit tcp any host 216.109.202.34 eq www

permit tcp any host 216.109.202.34 eq 443

permit gre host 65.89.86.102 host 216.109.202.33 log

permit icmp any any echo-reply

permit esp any any

permit udp any any eq isakmp

permit udp any any eq non500-isakmp

deny ip any any log

ip access-list extended Policy-NAT

permit ip host 10.1.0.11 192.168.2.0 0.0.0.255

ip access-list extended Split

permit ip 10.0.0.0 0.255.255.255 any

permit ip 192.168.1.0 0.0.0.255 any

ip access-list extended VoIP

permit tcp 10.1.0.0 0.0.255.255 host 192.168.1.1 eq www

permit tcp 10.1.0.0 0.0.255.255 host 192.168.1.254 eq www

permit tcp 192.168.2.0 0.0.0.255 host 192.168.1.1 eq www

permit tcp 192.168.2.0 0.0.0.255 host 192.168.1.254 eq www

ip access-list extended nat

ip access-list extended outside

permit tcp any host 216.108.201.35 eq 587

ip access-list extended policy-nat

permit ip host 10.1.0.11 192.0.0.0 0.255.255.255

ip access-list extended unlock

permit ip any any

permit gre any any

permit esp any any

permit ahp any any

permit icmp any any

!

access-list 145 permit tcp 216.0.0.0 0.255.255.255 any eq 22

!

!

!

route-map NONAT permit 10

match ip address Policy-NAT

set interface Loopback0

!

!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
purohit_810 Thu, 07/26/2007 - 12:09

Block the Port 25 smtp... Run your Mail application on 587. Open 587 Port.

And Enjoy.

Regards,

Dharmesh Purohit

mikntwd49508 Thu, 07/26/2007 - 16:25

to block port 25 smtp,I do?

LIke this?????

config t

config#) no ip access-list extended outside

config#) permit any 216.x.x.x eq smtp

Thanks,

rajatsetia Thu, 07/26/2007 - 22:37

Hi,

As per your configuration, router has nothing to with your application but to allow or disallow traffic as per access-list applied by you.

As you will be running your smtp application on port other than standard 25 port so change your acccess-list "outside" and permit port 587 towards smtp server.

HTH

rgds

Actions

This Discussion