PIX Firewall pop 3

 
 
Si
09-15-2006
hi all,

which command would one use to allow POP3 traffic (port 110) through a
PIX Firewall?
The POP3 server is outside our network client.
We use SMTP for our e-mails.
Some users need to send and receive e-mails from the external POP3
server, as well as receiving normal e-mail.

Cheers

Annex

 
chris
09-15-2006

"Si" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ups.com...
> hi all,
>
> which command would one use to allow POP3 traffic (port 110) through a
> PIX
> Firewall ?
> the pop3 server is outside our network client.
> we use SMTP for our e-mails.
> Some users need to send and receive e-mails from the external pop3
> server. as well as receiving normal e-mail.
>
> Cheers
>
> Annex
>


If you have set up NAT/PAT for internet access and have no acl's on the
inside interface then this should be allowed. How's your config look?

Chris.


 
Si
09-18-2006
Hi Chris,
I have set a rule allowing pop3 traffic
access-list inside_to_out permit tcp any host xxx.xxx.xx.xxx (external
host server IP) eq pop3
Now users are able to receive e-mails from the external server.
The problem I am now having is that users are unable to reply.
The external server uses SMTP to reply.
What would be the best rule to allow that?
In addition to that, can I specify only certain internal IP addresses to
be able to use outbound SMTP?

Your help is very much appreciated
cheers
Si
chris wrote:
> "Si" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed) ups.com...
> > hi all,
> >
> > which command would one use to allow POP3 traffic (port 110) through a
> > PIX
> > Firewall ?
> > the pop3 server is outside our network client.
> > we use SMTP for our e-mails.
> > Some users need to send and receive e-mails from the external pop3
> > server. as well as receiving normal e-mail.
> >
> > Cheers
> >
> > Annex
> >

>
> If you have set up NAT/PAT for internet access and have no acl's on the
> inside interface then this should be allowed. How's your config look?
>
> Chris.


 
swapnendu
09-18-2006
access-list inside_to_out permit tcp host XYZ host smtp_Server_address eq smtp

This command should do the job for you. Instead of XYZ, use the IP addresses of the hosts you want to provide the SMTP access.
 
chris
09-18-2006

"Si" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com...
> Hi Chris,
> I have set a rule allowing pop3 traffic
> access-list inside_to_out permit tcp any host xxx.xxx.xx.xxx (external
> host server IP) eq pop3
> Now users are able to receive e-mails from the external server.
> The problem I am now having is that users are unable to reply.
> The external server uses SMTP to reply.
> What would be the best rule to allow that?
> In addition to that, can I specify only certain internal IP addresses to
> be able to use outbound SMTP?
>
> your help is very much appreciated
> cheers
> Si



Si,

Are you saying that you have an SMTP server that outside servers cannot
connect to? Do you host your own mail server for your domain?

Chris.


 
Walter Roberson
09-18-2006
>"Si" <(E-Mail Removed)> wrote in message
>news:(E-Mail Removed) roups.com...
>> Hi Chris,
>> I have set a rule allowing pop3 traffic
>> access-list inside_to_out permit tcp any host xxx.xxx.xx.xxx (external
>> host server IP) eq pop3
>> Now users are able to receive e-mails from the external server.
>> The problem I am now having is that users are unable to reply.
>> The external server uses SMTP to reply.


object-group network allowed_to_smtp_to_server1
network-object host INSIDEIP1
network-object host INSIDEIP2
object-group network allowed_to_smtp_to_server2
network-object host INSIDEIP1
network-object host INSIDEIP3
network-object 10.10.10.160 255.255.255.240
! above allows 10.10.10.160 thru 10.10.10.175 to server2

access-list inside_to_out permit tcp object-group allowed_to_smtp_to_server1 host SMTPSERVER1 eq smtp
access-list inside_to_out permit tcp object-group allowed_to_smtp_to_server2 host SMTPSERVER2 eq smtp
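
Added example (not part of any post in this thread): a small Python model of how a PIX evaluates an access-list like the ones above, top-down with the first match winning and an implicit deny at the end, so a list that holds only the pop3 permit also drops outbound SMTP once it is bound to the inside interface. The addresses are constructed placeholders, only TCP matching with `eq` is modelled, and the helper names `take`, `parse` and `check` are hypothetical.

```python
import ipaddress

# Constructed config modelled on the thread. All addresses are placeholders.
CONFIG = """\
object-group network allowed_to_smtp_to_server2
network-object host 10.10.10.5
network-object 10.10.10.160 255.255.255.240
access-list inside_to_out permit tcp any host 192.0.2.10 eq pop3
access-list inside_to_out permit tcp object-group allowed_to_smtp_to_server2 host 192.0.2.25 eq smtp
"""
PORTS = {"pop3": 110, "smtp": 25}

def take(tokens, groups):
    """Consume one address spec and return (networks, remaining tokens)."""
    if tokens[0] == "any":
        return [ipaddress.ip_network("0.0.0.0/0")], tokens[1:]
    if tokens[0] == "host":
        return [ipaddress.ip_network(tokens[1] + "/32")], tokens[2:]
    if tokens[0] == "object-group":
        return groups[tokens[1]], tokens[2:]
    # "address netmask" form, e.g. 10.10.10.160 255.255.255.240
    return [ipaddress.ip_network(tokens[0] + "/" + tokens[1])], tokens[2:]

def parse(config):
    """Return the ACEs in order as (action, src_nets, dst_nets, port)."""
    groups, rules, current = {}, [], None
    for line in config.splitlines():
        t = line.split()
        if not t or t[0].startswith("!"):
            continue
        if t[0] == "object-group":
            current = groups.setdefault(t[2], [])
        elif t[0] == "network-object":
            current.extend(take(t[1:], groups)[0])
        elif t[0] == "access-list":
            src, rest = take(t[4:], groups)   # t[2]=action, t[3]=protocol (tcp)
            dst, rest = take(rest, groups)
            port = PORTS[rest[1]] if rest[:1] == ["eq"] else None
            rules.append((t[2], src, dst, port))
    return rules

def check(rules, src, dst, port):
    """First matching ACE wins; no match falls through to the implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, srcs, dsts, p in rules:
        if any(s in n for n in srcs) and any(d in n for n in dsts) and p in (None, port):
            return action
    return "implicit deny"

RULES = parse(CONFIG)
if __name__ == "__main__":
    for src in ("10.10.10.50", "10.10.10.175", "10.10.10.176"):
        print(src, "-> smtp:", check(RULES, src, "192.0.2.25", 25))
```

Running a planned rule set through a check like this before applying it shows which inside hosts lose access because no ACE matches them.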
 