Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

SMTP

Hi. I'm trying to establish email connectivity between two networks separated by an internal Cisco 2611 router. Right now, I have network connectivity with no special configuration parameters set. In order to pass SMTP, I plan to create an access list as such:

access-list 101 permit tcp any any eq smtp

When I applied it to the interface (in), all access ceased. In order to get it working, I believe I need to add a second line to allow all other traffic as such:

access-list 100 permit ip any any

Is this correct? Or, am I allowing too much access? Also, what about the mail flowing from the other side? Same configuration, just on the other interface?

Thanks,

JNK99

3 REPLIES
Cisco Employee

Re: SMTP

What prompted the need for an ACL? You should be able to forward SMTP traffic without and ACL. If you are going to use an ACL permiting all traffic, why using an ACL to start with.

Hope this helps,

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México 
Paseo de la Reforma 222 Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
New Member

Re: SMTP

ACL 101 blocks everything except SMTP by a implied deny all at the end of every access-list

Second, your acl 100 is that a type-o? you can not apply multiple acls on the same interface one in and one out.

Good luck.

New Member

Re: SMTP

Hi,

You shoould find out exactly what traffic will pass and add all of it in the same way you specified SMTP (that is why all traffic except SMTP stopped once the ACL was applied). Remove the second line after that because it makes the ACL (apart from deny entries) not needed.

Jacques

98
Views
0
Helpful
3
Replies