Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Question about an ACL

I have an ASA and I have a config question. I already have an ACL in place that allows only smtp traffic from our email provider. I also have a NAT translation to our exchange server for that. My question is- How do I configure OWA (using port 25 and 443) for all outside addresses when I already have an acl only allowing that traffic from my email provider? Also how do I set the NAT translation up? Thanks.

1 ACCEPTED SOLUTION

Accepted Solutions
Green

Re: Question about an ACL

New Static:

static (inside,outside) tcp interface https 10.132.129.94 https netmask 255.255.255.255

New acl entry:

access-list outside_access_in permit tcp any interface outside eq https

4 REPLIES
Green

Re: Question about an ACL

Why do you need port 25 for owa?

If you indeed do need it there is no way to allow smtp from only your email provider, then allow it from outside addresses. Maybe I'm not understanding the situation properly.

To set it up for 443, simply add another entry to your acl. Whether or not you need another nat translation depends on your current static statement. Could you post it?

New Member

Re: Question about an ACL

Maybe I'm incorrect in thinking I need SMTP for OWA.

static (inside,outside) tcp interface smtp 10.132.129.94 smtp netmask 255.255.255.255

Green

Re: Question about an ACL

New Static:

static (inside,outside) tcp interface https 10.132.129.94 https netmask 255.255.255.255

New acl entry:

access-list outside_access_in permit tcp any interface outside eq https

New Member

Re: Question about an ACL

Thank you.

115
Views
0
Helpful
4
Replies
CreatePlease to create content