Restrict SMTP traffic to an IP range 2

[CorruptedLogic]

I'm pretty sure that this is super simple for someone, just not me! All i need to do is define a range of IP addresses (let's say 1.1.1.1 thru 1.1.1.254 for arguments sake) and then allow that range, and only that range to connect to the mail server on the inside of our Pix 506e. Currently, as far as i can tell, this line is allowing anyone to connect to port 25 on the mail servers ip (aa.aa.aa.aa)

access-list outside-acl permit tcp any host aa.aa.aa.aa eq smtp

I'm guessing that I need to change the "any" part to be the "defined range". I'm just not sure how to set up the range.

Thanks in advance!




CCNA, CCDP, Net+, A+
Work Smarter, Not Harder....
This was supposed to be the future.....Where is my JetPack?!

 

[brianinms]

access-list outside-acl permit tcp 1.1.1.0 255.255.255.0 host aa.aa.aa.aa eq smtp

 

[CorruptedLogic]

Thanks for the reply but i think i wasn't clear (my fault, not yours!). Let me re-visit my (bad!) ip range example. the range would be more like 65.18.0.0 - 65.18.15.0, 255.255.240.0 mask. Would your suggestion still work? It would seem that if i used 65.18.0.0 with a /24 mask, then it would allow the neccessary range, but also a bunch of other addresses as well (i'm probably wrong, subnetting always confuses the hell out of me!).

Thanks again!

CCNA, CCDP, Net+, A+
Work Smarter, Not Harder....
This was supposed to be the future.....Where is my JetPack?!

 

[brianinms]

access-list outside-acl permit tcp 65.18.0.0 255.255.240.0 host aa.aa.aa.aa eq smtp

 

[CorruptedLogic]

You sir, are a diamond. Thank you.

CCNA, CCDP, Net+, A+
Work Smarter, Not Harder....
This was supposed to be the future.....Where is my JetPack?!