cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
563
Views
0
Helpful
3
Replies

access list

douglas.marts
Level 1
Level 1

Can I write an access list condition that is based only on the physical address of a host? We are implimenting DHCP on the outside of our pix and right now I permit the smtp port only from this server to the inside smtp server. I am wondering how to accomplish the same condition when this address becomes dynamic.

3 Replies 3

grantlewis
Level 1
Level 1

An option you might try is to make a DHCP reservation for the host that needs to remain stable, thus you may continue to use the current access list since the host's IP will remain the same

c-apostol
Level 1
Level 1

As far as I know, it is not possible. The simplest solution is that one sugested by grantlewis: to make an address reservation for your smtp server on the dhcp pool.

rsnider
Level 1
Level 1

When you define your DHCP pool reduce it by one address and then assign this extra address to the server as a static address and use the same type of access list you have now. Most servers require a static address so that they can be found reliably. You may wish to reserve a number of unused addresses for future use.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: