
IP IOS firewall - open ports for mail

jweldin
Level 1

What are the commands to allow internal NAT users access to ports 25 and 110, so they can retrieve and send internet email? I am not very familiar with the firewall commands. I can send a copy of the router config if you need it.

It appears that my users are set up through access-list 1 to browse, but I don't know exactly how to allow them to use the above listed ports.

Thanks,

john weldin

jweldin@focusbsi.com

2 Replies

exigent
Level 1

John,

Please provide your config. That would be helpful.

jweldin
Level 1

!

hostname Cag_Intrnt

!

!

!

!

!

memory-size iomem 25

ip subnet-zero

ip name-server 198.6.1.122

ip name-server 198.6.1.142

!

ip inspect name firewall tftp

ip inspect name firewall ftp

ip inspect name firewall tcp

ip inspect name firewall udp

!

!

process-max-time 200

!

interface Loopback0

ip address 65.217.218.225 255.255.255.240

no ip directed-broadcast

ip nat outside

!

interface Serial0

description Link to Internet

no ip address

no ip directed-broadcast

encapsulation frame-relay IETF

cdp enable

frame-relay lmi-type cisco

!

interface Serial0.1 point-to-point

ip unnumbered FastEthernet0

ip access-group 101 in

no ip directed-broadcast

ip nat outside

frame-relay interface-dlci 126 IETF

!

interface Serial0.2 point-to-point

no ip directed-broadcast

!

interface FastEthernet0

ip address 10.10.1.2 255.255.0.0

ip access-group 102 in

no ip directed-broadcast

ip nat inside

!

router eigrp 1

redistribute static

network 10.0.0.0

default-metric 10000 100 255 1 1500

no auto-summary

!

ip nat pool cagles 65.217.218.227 65.217.218.236 netmask 255.255.255.240

ip nat inside source list 1 pool cagles overload

ip classless

ip route 0.0.0.0 0.0.0.0 Serial0.1

ip route 65.217.218.224 255.255.255.240 Null0

ip route 192.168.0.0 255.255.255.0 FastEthernet0

ip route 192.168.25.0 255.255.255.0 10.10.1.1

no ip http server

!

access-list 1 permit 192.168.10.98

access-list 1 permit 10.10.9.9

access-list 1 permit 10.10.1.1

access-list 1 permit 130.38.91.11

!

line con 0

password 7 0205055C07031C70151A5C

login

transport input none

line aux 0

password 7 094F4F0E15000443525851

login

line vty 0 4

access-class 101 in

password 7 1414130C0001397A7D7C66

login

!

end
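
A cross-reference check for the configuration posted above, added here as an example and not part of any post in the thread: it lists access lists that are applied (`ip access-group`, `access-class`, NAT `list`) but not defined in the text shown, and `ip inspect name` rules that are never attached to an interface. The names `audit`, `REFS` and `CONFIG` are made up for this example, and `CONFIG` is an excerpt of lines from the post.

```python
import re

# Selected lines from the posted config (excerpt assembled for this example).
CONFIG = """\
ip inspect name firewall tcp
ip inspect name firewall udp
interface Serial0.1 point-to-point
 ip access-group 101 in
interface FastEthernet0
 ip access-group 102 in
ip nat inside source list 1 pool cagles overload
access-list 1 permit 192.168.10.98
access-list 1 permit 10.10.9.9
access-list 1 permit 10.10.1.1
access-list 1 permit 130.38.91.11
line vty 0 4
 access-class 101 in
"""

# (pattern, location label); None means "the interface/line block we are in".
REFS = [
    (r"ip access-group (\S+) (?:in|out)", None),
    (r"access-class (\S+) (?:in|out)", None),
    (r"ip nat inside source list (\S+) .*", "NAT rule"),
]

def audit(config):
    """Return ACLs referenced but undefined, and inspect rules never applied."""
    defined, refs, rules, applied = set(), {}, set(), set()
    where = "global"
    for line in (l.strip() for l in config.splitlines()):
        if m := re.fullmatch(r"(?:interface|line) (.+)", line):
            where = m.group(1)  # remember which block later lines belong to
        elif m := re.match(r"(?:ip access-list (?:standard|extended)|access-list) (\S+)", line):
            defined.add(m.group(1))
        elif m := re.fullmatch(r"ip inspect name (\S+) .+", line):
            rules.add(m.group(1))  # rule defined
        elif m := re.fullmatch(r"ip inspect (\S+) (?:in|out)", line):
            applied.add(m.group(1))  # rule attached to an interface
        else:
            for pat, label in REFS:
                if m := re.fullmatch(pat, line):
                    refs.setdefault(m.group(1), []).append(label or where)
    return {
        "undefined_acls": {a: w for a, w in sorted(refs.items()) if a not in defined},
        "unapplied_inspect": sorted(rules - applied),
    }

if __name__ == "__main__":
    print(audit(CONFIG))
```

Run against the full text of the post, it reports the same result as for the excerpt: access lists 101 and 102 are applied but their definitions are not in what was posted, and the inspection rule `firewall` is not attached to any interface.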