ASA 5510 Blocking Port 25

Unanswered Question
Dec 14th, 2010
User Badges:

I have a Cisco ASA 5510. I have detected an infected workstation on my internal LAN which has caused my IP to be blacklisted by Barracuda Networks and other RBL. I have scanned and cleaned the workstation removing the spambot. I want to prevent all my internal workstations from sending SMTP traffic on Port 25 through my ASA 5510 device. I only need to allow my Exchange Server access to send out traffic on port 25. Can someone help me configure this setup using ASDM 5.0?  I know it may be easier using CLI, but using the ASDM would really be preferred. Any help with this would be greatly appreciated. Thank you.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.7 (3 ratings)
Jennifer Halim Tue, 12/14/2010 - 15:30
User Badges:
  • Cisco Employee,

What existing rules do you have applied to your internal/inside interface of the ASA?

A screenshot of the rules applied on the inside interface would be good.

The rule to block port 25 for all internal hosts but the Exchange server needs to be configured after the rule to allow the Exchange server outbound on port 25.

grromerojr Tue, 12/14/2010 - 17:36
User Badges:

Jennifer, thank you for replying. I have attached a screenshot of the rules applied to the inside interface.The LAN IP for the Exchange is and the inside interface for the ASA 5510 is attached image only shows the rules for the internal interface as you have requested. If you should need more information please let me know. Thank you.

Jennifer Halim Tue, 12/14/2010 - 17:50
User Badges:
  • Cisco Employee,

In that case, you would need to configure 2 rules above the existing rules.

First rule should say "permit" from source: Exchange server ( to destination: any, on destination port: TCP/25

Second rule should say "deny" from source: any to destination: any, on destination port: TCP/25

And your third rule would be the existing rule that you have.

Hope that helps.


This Discussion