My goal is :- we want port 25 from specific outside addresses ( 184.108.40.206/21) to be allowed to: my1.cbc.com (notes) and mys.cbc.com (notes1)
This is my partial config
name 10.101.91.14 Notes1
name 10.101.91.13 notes
name 220.127.116.11 Mx_logic
object-group network Mx_Logic_Notes
description MxLogic networks to Notes
network-object 18.104.22.168 255.255.248.0
access-list outside_acl permit tcp object-group Mx_Logic_Notes host 22.214.171.124 eq smtp
access-list outside_acl permit tcp object-group Mx_Logic_Notes host 126.96.36.199 eq smtp
static (inside,outside) 188.8.131.52 10.101.91.14 netmask 255.255.255.255 0 0
static (inside,outside) 184.108.40.206 10.101.91.13 netmask 255.255.255.255 0 0
access-group outside_acl in interface outside
When I issued Pix1# sh access-list both access-list has (hitcnt=0)
What am I doing wrong.
do I need to specify port eq 25 on the source also ?.