Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Outside access

I am using ASA 5515-X version 9.1

I have created access-list to allow email servers ports from outside. The email server is having static NAT on firewall. But the access-list to ping and to allow tcp ports is not working properly. its working with any any only.

access-list outside_access_in line 2 extended permit icmp any host

access-list outside_access_in line 3 extended permit tcp any host eq smtp


Cisco Employee

Hi,I think you are missing


I think you are missing some ports for the Email server communication.

You would be able to apply the capture on the ASA device and see the ports on which the communication works.

Then , just allow those ports.

Thanks and Regards,

Vibhor Amrodia

New Member

No, it was some other issue.

No, it was some other issue. I have sorted out, thanks anyways. 

VIP Green

Please indicate what the

Please indicate what the solution was so others can benefit from the solution.

-- Please remember to rate and select a correct answer
New Member

I applied same access-list

I applied same access-list with private ip addresses (non-mapped) and it worked. 

Hi rizwansiddiqi, Did you use


Did you use the private (non-mapped) ip address of the email server in the access lists?





New Member

yep, true. 

yep, true.