PIX Firewall pop 3

Discussion in 'Cisco' started by Si, Sep 15, 2006.

  1. Si

    Si Guest

    hi all,

    which command would one use to allow POP3 traffic (port 110) through a
    PIX Firewall?
    The POP3 server is outside our network client.
    We use SMTP for our e-mails.
    Some users need to send and receive e-mails from the external POP3
    server, as well as receiving normal e-mail.

    Cheers

    Annex
     
    Si, Sep 15, 2006
    #1

  2. Si

    chris Guest

    "Si" <> wrote in message
    news:...
    > hi all,
    >
    > which command would one use to allow POP3 traffic (port 110) through a
    > PIX
    > Firewall ?
    > the pop3 server is outside our network client.
    > we use SMTP for our e-mails.
    > Some users need to send and receive e-mails from the external pop3
    > server. as well as receiving normal e-mail.
    >
    > Cheers
    >
    > Annex
    >


    If you have set up NAT/PAT for internet access and have no acl's on the
    inside interface then this should be allowed. How's your config look?

    Chris.
     
    chris, Sep 15, 2006
    #2

  3. Si

    Si Guest

    Hi Chris,
    I have set a rule allowing pop3 traffic
    access-list inside_to_out permit tcp any host xxx.xxx.xx.xxx (external
    host server IP) eq pop3
    Now users are able to receive e-mails from the external server.
    The problem I am now having is that users are unable to reply.
    The external server uses SMTP to reply.
    What would be the best rule to allow that?
    In addition to that, can I specify only certain internal IP addresses to
    be able to use outbound SMTP?

    your help is very much appreciated
    cheers
    Si
    chris wrote:
    > "Si" <> wrote in message
    > news:...
    > > hi all,
    > >
    > > which command would one use to allow POP3 traffic (port 110) through a
    > > PIX
    > > Firewall ?
    > > the pop3 server is outside our network client.
    > > we use SMTP for our e-mails.
    > > Some users need to send and receive e-mails from the external pop3
    > > server. as well as receiving normal e-mail.
    > >
    > > Cheers
    > >
    > > Annex
    > >

    >
    > If you have set up NAT/PAT for internet access and have no acl's on the
    > inside interface then this should be allowed. How's your config look?
    >
    > Chris.
     
    Si, Sep 18, 2006
    #3
  4. Si

    swapnendu

    access-list inside_to_out permit tcp host XYZ host smtp_Server_address eq smtp

    This command should do the job for you... instead of XYZ, use the IP addresses of the hosts you want to provide the SMTP access.
     
    swapnendu, Sep 18, 2006
    #4
  5. Si

    chris Guest

    "Si" <> wrote in message
    news:...
    > Hi Chris,
    > I have set a rule allowing pop3 traffic
    > access-list inside_to_out permit tcp any host xxx.xxx.xx.xxx (external
    > host server IP) eq pop3
    > Now users are able to receive e-mails from the external server.
    > The problem I am now having is that users are unable to reply.
    > The external server uses SMTP to reply.
    > What would be the best rule to allow that?
    > In addition to that, can I specify only certain internal IP addresses to
    > be able to use outbound SMTP?
    >
    > your help is very much appreciated
    > cheers
    > Si



    Si,

    Are you saying that you have an SMTP server that outside servers cannot
    connect to? Do you host your own mail server for your domain?

    Chris.
     
    chris, Sep 18, 2006
    #5
  6. >"Si" <> wrote in message
    >news:...
    >> Hi Chris,
    >> I have set a rule allowing pop3 traffic
    >> access-list inside_to_out permit tcp any host xxx.xxx.xx.xxx (external
    >> host server IP) eq pop3
    >> Now users are able to receive e-mails from the external server.
    >> The problem I am now having is that users are unable to reply.
    >> The external server uses SMTP to reply.


    object-group network allowed_to_smtp_to_server1
    network-object host INSIDEIP1
    network-object host INSIDEIP2
    object-group network allowed_to_smtp_to_server2
    network-object host INSIDEIP1
    network-object host INSIDEIP3
    network-object 10.10.10.160 255.255.255.240
    ! above allows 10.10.10.160 thru 10.10.10.175 to server2

    access-list inside_to_out permit tcp object-group allowed_to_smtp_to_server1 host SMTPSERVER1 eq smtp
    access-list inside_to_out permit tcp object-group allowed_to_smtp_to_server2 host SMTPSERVER2 eq smtp
     
    Walter Roberson, Sep 18, 2006
    #6
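
Added example, not part of any post in the thread: a small Python model of how the inside_to_out entries above are evaluated, assuming the list is bound to the inside interface. It shows the implicit deny that closes every access list (the reason SMTP needs its own permit once the POP3 entry exists) and the exact range covered by 10.10.10.160 255.255.255.240. All addresses are constructed placeholders.

```python
import ipaddress

# Constructed sample addresses; the thread itself only gives placeholders.
CONFIG = """
object-group network allowed_to_smtp_to_server2
network-object host 10.10.10.5
network-object 10.10.10.160 255.255.255.240
access-list inside_to_out permit tcp any host 192.0.2.10 eq pop3
access-list inside_to_out permit tcp object-group allowed_to_smtp_to_server2 host 192.0.2.25 eq smtp
"""
PORTS = {"pop3": 110, "smtp": 25}

def parse(config):
    """Return (groups, rules) for the subset of PIX syntax used in the thread."""
    groups, rules, current = {}, [], None
    for line in config.strip().splitlines():
        t = line.split()
        if t[:2] == ["object-group", "network"]:
            current = groups.setdefault(t[2], [])
        elif t[0] == "network-object":
            net = t[2] + "/32" if t[1] == "host" else t[1] + "/" + t[2]
            current.append(ipaddress.ip_network(net))
        elif t[0] == "access-list":
            # Layout: access-list NAME ACTION tcp SRC... host DST eq PORT
            if t[4] == "any":
                src, rest = [ipaddress.ip_network("0.0.0.0/0")], t[5:]
            elif t[4] == "object-group":
                src, rest = groups[t[5]], t[6:]  # KeyError if the group name is misspelled
            else:  # "host A.B.C.D"
                src, rest = [ipaddress.ip_network(t[5] + "/32")], t[6:]
            rules.append((t[2], src, ipaddress.ip_address(rest[1]), PORTS[rest[3]]))
    return groups, rules

def check(rules, src, dst, port):
    """First matching entry wins; no match falls through to the implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, nets, rule_dst, rule_port in rules:
        if d == rule_dst and port == rule_port and any(s in n for n in nets):
            return action
    return "deny"

GROUPS, RULES = parse(CONFIG)
```
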
