Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1088
Views
0
Helpful
1
Replies

block smtp outbound in IOS

mloraditch
Level 7
Level 7

‎06-02-2009 06:35 AM - edited ‎03-11-2019 08:38 AM

I'm trying to figure out how to block outbound smtp access except from my exchange server. Here is the ACL i developed.

ip access-list extended SMTP

permit tcp 10.10.152.200 0.0.0.255 any eq smtp

deny tcp any any eq smtp

permit ip any any

I thought i would apply it outbound (ip access-group SMTP out) on my inside interface but when i do that I can no longer accept connections inbound to the server. Where should I have this? Is something wrong with the ACL itself?

Thanks Much!

Labels:
0 Helpful
1 Reply 1

jj27
Spotlight
Spotlight

‎06-02-2009 06:44 AM

Try applying it to your inside interface, incoming (ip access-group SMTP in). It will look at traffic coming INTO the interface on the router and determine what to do with it. Remember, access-lists should usually be applied closest to source.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card