My goal is :- we want port 25 from specific outside addresses ( 188.8.131.52/21) to be allowed to: my1.cbc.com (notes) and mys.cbc.com (notes1)
This is my partial config
name 10.101.91.14 Notes1
name 10.101.91.13 notes
name 184.108.40.206 Mx_logic
object-group network Mx_Logic_Notes
description MxLogic networks to Notes
network-object 220.127.116.11 255.255.248.0
access-list outside_acl permit tcp object-group Mx_Logic_Notes host 18.104.22.168 eq smtp
access-list outside_acl permit tcp object-group Mx_Logic_Notes host 22.214.171.124 eq smtp
static (inside,outside) 126.96.36.199 10.101.91.14 netmask 255.255.255.255 0 0
static (inside,outside) 188.8.131.52 10.101.91.13 netmask 255.255.255.255 0 0
access-group outside_acl in interface outside
When I issued Pix1# sh access-list both access-list has (hitcnt=0)
What am I doing wrong.
do I need to specify port eq 25 on the source also ?.