Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

All traffic hangs when I apply a simple access-list

Hey everyone,

I'm attempting to log all outbound SMTP traffic so I can monitor for things like spambots on the network. I've created the following simple access-list:

ip access-list extended SMTP

remark SMTP TRAFFIC

permit tcp any any eq smtp log

!

interface GigabitEthernet0/1
  ...
  ip access-group SMTP in
!
However, as soon as I apply it to ge0/1 all traffic hangs. Any thoughts?

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: All traffic hangs when I apply a simple access-list

Hello,

By default the access-list will have an implicit deny policy. So, when you applied the access-list to the interface, all other traffic got denied implicitely. Please add another line to the access-list that allows all other traffic:

ip access-list extended SMTP
remark SMTP TRAFFIC
permit tcp any any eq smtp log
permit ip any any

Hope this helps.

Regards,

NT

1 REPLY
Cisco Employee

Re: All traffic hangs when I apply a simple access-list

Hello,

By default the access-list will have an implicit deny policy. So, when you applied the access-list to the interface, all other traffic got denied implicitely. Please add another line to the access-list that allows all other traffic:

ip access-list extended SMTP
remark SMTP TRAFFIC
permit tcp any any eq smtp log
permit ip any any

Hope this helps.

Regards,

NT

221
Views
5
Helpful
1
Replies
CreatePlease to create content