PIX IOS rules question

09-19-2005

Is there a way to use the SMTP-only restriction on an inbound conduit
AND allow incoming traffic to TCP port 20022 (for SSH)? It seems that
CipherTrust tech support will only connect via SSH but our policy is
SMTP only to the mail server.

Thanks to all the gurus in advance!

09-19-2005

<> wrote in message
news: oups.com...
> Is there a way to use the SMTP-only restriction on an inbound conduit
> AND allow incoming traffic to TCP port 20022 (for SSH)? It seems that
> CipherTrust tech support will only connect via SSH but our policy is
> SMTP only to the mail server.
>
> Thanks to all the gurus in advance!
>

You can allow any port you want in. If your support need SSH then you can
configure the pix to allow it.

Chris.

09-19-2005

In article < .com>,
<> wrote:
>Is there a way to use the SMTP-only restriction on an inbound conduit
>AND allow incoming traffic to TCP port 20022 (for SSH)? It seems that
>CipherTrust tech support will only connect via SSH but our policy is
>SMTP only to the mail server.

I'm not quite sure what you are asking. Are you asking for the PIX
to inspect the encrypted ssh stream passing through it, with a goal
of having the PIX enforce certain SMTP rules. That is, to apply
the smtp fixup to the encrypted ssh session ?
--
Daylight is a trademark of OSRAM SYLVANIA INC.

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
PIX 515e IOS 7.0(5) and when the Power goes out, the PIX reboots toBoot Monitor	Scooter133	Cisco	4	03-12-2009 12:47 AM
instructions on how to perform an IOS upgrade on a Catalyst 6500 switch (IOS to IOS)	Mike Rahl	Cisco	1	05-30-2007 05:22 PM
PIX 501 Translation Exemption Rules Question	kg026@yahoo.com	Cisco	0	04-30-2007 02:00 PM
rules for Cisco PIX 525 firewall rules	KAS	Cisco	2	10-02-2005 07:12 PM
IOS to IOS VPN Problem	Evan Mann	Cisco	0	02-11-2004 04:42 PM