Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Csico 1812 on timico network

Hello everyone,

I posted this in the firewall forum I think it was not the right place to do so.

I am trying to forward pop3 to the same ip as the smtp server and it simply does not work can anyone pelase help.

SMTP works ok

HTTPS works ok

POP? does not work *************

** config attached **

cheers

  • MPLS
9 REPLIES
New Member

Re: Csico 1812 on timico network

I'm not sure how the traffic flows, but one thing is for sure wrong. Take a look at your ACL 105. Last entries int it look like this:

access-list 105 deny ip host 0.0.0.0 any log

access-list 105 permit icmp host 195.54.228.153 host 1.1.1.1 echo-reply log

access-list 105 deny ip any any log

access-list 105 permit tcp any host 1.1.1.1 eq pop3

You must move last line a few entries up, so that it will have a chance to permit something, because, tight now no traffic can reach this line.

New Member

Re: Csico 1812 on timico network

you are an absolute star I knew I was missing out on something :)

I will make that change

the rotuer config is a bit confusing thansk to Timico :( there suggestion has resulted in the comlex routing and ACL

cheers

New Member

Re: Csico 1812 on timico network

How do I move access-list lines up. For example, my last line for access-lit 101 is deny ip any any .

I need to add a permit line but it keeps on showing up below the last deny ip any any line.

Cisco Employee

Re: Csico 1812 on timico network

Hello,

You need to edit it using "ip access-list extended" command:

Step 1:

Issue "show access-list" command and note down the line number for the deny

statement.

example: show access-list 101

10 permit ip host 192.168.10.1 any

20 permit tcp any any eq www

30 deny ip any any

Here the line number is 30.

Step 2:

Insert the new line before the deny statement using "ip access-list

extended" command

example:

ip access-list extended 101

25 permit tcp any any eq https

show access-list 101

10 permit ip host 192.168.10.1 any

20 permit tcp any any eq www

25 permit tcp any any eq https

30 deny ip any any

Hope this helps.

Regards,

NT

New Member

Re: Csico 1812 on timico network

Yes that helps.

Thank you.

Cisco Employee

Re: Csico 1812 on timico network

Hello,

Glad that it worked out for you. Please mark the question as answered so

somebody else can make use of the information in the future.

Regards,

NT

New Member

Re: Csico 1812 on timico network

I would be glad to mark is as correct. Where do I do that. It does not present itself. I

know I have done this before but I do not see the button to mark as correct answer

Cisco Employee

Re: Csico 1812 on timico network

Hello,

I guess when you are logged in, you can click on the stars below the rate

and also have an option to say if the answer posted helped you or not.

Regards,

NT

Re: Csico 1812 on timico network

Hi,

It seems that you used 2 different accounts to respond to this thread. Only author can see the option of marking issue as resolved. You need to login with the identity you used for the original post.

Hope this helps,

Maria

385
Views
0
Helpful
9
Replies
This widget could not be displayed.