Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
525
Views
0
Helpful
7
Replies

837 newb config questions

dthornton
Level 1
Level 1

‎09-24-2006 08:05 PM - edited ‎03-03-2019 02:06 PM

Hi,

I'm trying to set up an 837. I have it working and can browse out to the internet. I'm having problems with incoming SMTP connections (fail;) and access from a specific site. The config is attached.

Not only does the smtp incoming fail but when I enter an access-list such as

access-list 111 permit ip 192.168.54.229 10.1.1.1 any

it appears ok, but when I save and show the running-config the ip isn't the same. ???!!?

TIA for any help.

Labels:
0 Helpful
7 Replies 7

dthornton
Level 1
Level 1

‎09-24-2006 08:14 PM

Apparently Opera 9.04 and IE 7 don't work for attachemnts. What does?

0 Helpful

theclam
Level 1
Level 1

‎09-25-2006 04:45 AM

Hi,

I think you have misunderstood the syntax for access lists. If you are trying to permit traffic from 192.168.54.229 to 10.1.1.1 then your access list entry would be:

access-list 111 permit ip host 192.168.54.229 host 10.1.1.1

I'm making the assumption that this access list is applied to the right interface, that no NAT is required, etc - if this router is on the end of a generic Internet connection then you will probably need NAT as well.

When you manage to get the config to upload I'll take another look.

Foeh

0 Helpful

dthornton
Level 1
Level 1
In response to theclam

‎09-25-2006 04:23 PM

Firefox appears to work.

Preview file
5 KB
0 Helpful

theclam
Level 1
Level 1
In response to dthornton

‎09-26-2006 04:10 AM

Hi,

I don't know if it is possible to remove an attachment, but you should be very careful posting configs with the passwords in them!

Anything that is "level 7" encrypted (in this case, all the passwords except the enable secret) can be decrypted very easily with a wide variety of freely available tools.

Most people remove the enable secret as well when they post because that can sometimes be brute forced by a determined attacker.

Foeh

0 Helpful

dthornton
Level 1
Level 1
In response to theclam

‎09-26-2006 07:08 PM

Foeh,

Not to worry. The encrypted stuff has been "chopped up" with a text editor. Even the IPs have been changed to protect the innocent.

Dennis

0 Helpful

dthornton
Level 1
Level 1
In response to theclam

‎09-25-2006 07:50 PM

Foeh,

You're right. I now have it accepting the access-list entry as you suggested. I'm finding that the Cisco documentation is very similar to Unix docs - once you know how it works the docs make sense. ;)

I still have the smtp problem though.

Thanks for your help.

Dennis

0 Helpful

theclam
Level 1
Level 1
In response to dthornton

‎09-26-2006 03:09 AM

Hi,

If you're expecting to accept incoming SMTP from the Internet, you will need to configure up a static NAT along the lines of:

ip nat inside source static tcp 10.1.1.1 25 interface Dialer1 25

That will allow anyone from the Internet to connect to your outside address on port 25, but really be connecting to your mail server.

Your SMTP entry in the ACL will need to be altered to reflect the outside address.

Foeh

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card