Need some help

Status
Not open for further replies.

nsarisk

MIS
Jun 7, 2004
I currently have a PIX 515 with a line that has conduit permit tcp host x.y.z.7 eq smtp any. I need to limit this to a block of IPs instead of any, and am not really sure how to do it. Any help would be greatly appreciated.
 
Depends which way you want the access (inbound or outbound). I'd get rid of the conduit and put:
access-list outbound permit tcp host x.y.z.7 <outboundip> <mask> eq smtp
access-group outbound in interface inside

This will restrict host x.y.z.7 to only access the range of IPs defined by the outboundip range.

If you want to limit incoming, then change it to:
access-list inbound permit tcp <outboundip> <mask> host x.y.z.7 eq smtp
access-group inbound in interface outside

This will allow only those IPs listed to connect to the x.y.z.7 address using SMTP. Note that this must be the external address for inbound traffic unless you've set up a VPN.
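
A concrete version of the inbound change from the answer above, added here as an example and not part of the original posts. The two source blocks (198.51.100.0/24 and 203.0.113.16/28) are constructed documentation addresses, x.y.z.7 is the placeholder from the thread, and the masks are ordinary netmasks rather than wildcard masks.

```cisco
: BEFORE: SMTP to the mail host is open to every source address
conduit permit tcp host x.y.z.7 eq smtp any

: AFTER: remove the conduit, then permit only the approved sender blocks
: (constructed example ranges; substitute the real ones)
no conduit permit tcp host x.y.z.7 eq smtp any
access-list inbound permit tcp 198.51.100.0 255.255.255.0 host x.y.z.7 eq smtp
access-list inbound permit tcp 203.0.113.16 255.255.255.240 host x.y.z.7 eq smtp
: Everything not matched above is dropped by the implicit deny, so any
: other inbound service that must keep working needs its own permit line.
access-group inbound in interface outside

: Check the entries and their hit counters
show access-list inbound
```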


 