We are trying to block port 25 outbound for all workstations other than the Exchange server. Here is what we've done (192.168.77.40 is the server):
access-list 100 permit tcp host 192.168.77.40 any eq smtp
access-list 100 deny tcp 192.168.77.0 0.0.0.255 any eq smtp log
access-list 100 permit ip 192.168.77.40 0.0.0.255 any
We've tested it by going to a workstation and telnetting to another Exchange server on port 25. Unfortunately we can connect and the the block doesn't seem to be working. Can anyone help?
Thanks in advance!