cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
290
Views
0
Helpful
6
Replies

Outside access

Rizwan
Level 1
Level 1

I am using ASA 5515-X version 9.1

I have created access-list to allow email servers ports from outside. The email server is having static NAT on firewall. But the access-list to ping and to allow tcp ports is not working properly. its working with any any only.

access-list outside_access_in line 2 extended permit icmp any host 203.1.1.1

access-list outside_access_in line 3 extended permit tcp any host 203.1.1.1 eq smtp

 

6 Replies 6

Vibhor Amrodia
Cisco Employee
Cisco Employee

Hi,

I think you are missing some ports for the Email server communication.

You would be able to apply the capture on the ASA device and see the ports on which the communication works.

Then , just allow those ports.

Thanks and Regards,

Vibhor Amrodia

No, it was some other issue. I have sorted out, thanks anyways. 

Please indicate what the solution was so others can benefit from the solution.

--
Please remember to select a correct answer and rate helpful posts

I applied same access-list with private ip addresses (non-mapped) and it worked. 

 

Did you use the private (non-mapped) ip address of the email server in the access lists?

 

 

Regards,

Aref

yep, true. 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: