configure nat on the firewall to block

Unanswered Question
Aug 1st, 2008
User Badges:

I am having an issue with some spam...I would like to configure nat to block utbound connections to the internet on port 25 unless it comes from my mail server

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Keith,


I would write an outbound ACL on you inside interface. something like:-


access-list inside_out permit tcp host any eq 25

access-list inside_out deny tcp x.x.x.x y.y.y.y any eq 25

access-list inside_out permit ip any any

access-list inside_out permit icmp any any


x.x.x.x = internal IP subnet

y.y.y.y = internet subnet mask



HTH>

Actions

This Discussion