Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Outside access

I am using ASA 5515-X version 9.1

I have created access-list to allow email servers ports from outside. The email server is having static NAT on firewall. But the access-list to ping and to allow tcp ports is not working properly. its working with any any only.

access-list outside_access_in line 2 extended permit icmp any host 203.1.1.1

access-list outside_access_in line 3 extended permit tcp any host 203.1.1.1 eq smtp

 

6 REPLIES
Cisco Employee

Hi,I think you are missing

Hi,

I think you are missing some ports for the Email server communication.

You would be able to apply the capture on the ASA device and see the ports on which the communication works.

Then , just allow those ports.

Thanks and Regards,

Vibhor Amrodia

New Member

No, it was some other issue.

No, it was some other issue. I have sorted out, thanks anyways. 

VIP Green

Please indicate what the

Please indicate what the solution was so others can benefit from the solution.

-- Please remember to rate and select a correct answer
New Member

I applied same access-list

I applied same access-list with private ip addresses (non-mapped) and it worked. 

Hi rizwansiddiqi, Did you use

 

Did you use the private (non-mapped) ip address of the email server in the access lists?

 

 

Regards,

Aref

New Member

yep, true. 

yep, true. 

38
Views
0
Helpful
6
Replies