Let's use this scenario.
1. The clients are inside the corporate network, with private IPs. Let's say
192.168.1.0, public range 202.166.1.0/28. The router is doing dynamic NAT.
2. The e-mail server is at the ISP.
3. Primary DNS is inside the corporate network.

I use the following access-list; however, the clients could not access Internet
mail. Are there any more ports I should open?

Another question: for DNS, both TCP and UDP have port 'domain'. What's the
difference?

Following are examples of the access-list:

int s0
 ip access-group 101 in

access-list 101 permit tcp any 202.166.1.0 0.0.0.15 established
access-list 101 permit tcp any 202.166.1.0 0.0.0.15 eq smtp
access-list 101 permit tcp any 202.166.1.0 0.0.0.15 eq pop3
access-list 101 permit ip 202.166.1.0 0.0.0.15 any
access-list 101 permit tcp any 202.166.1.0 0.0.0.15 eq domain
access-list 101 permit udp any 202.166.1.0 0.0.0.15 eq domain
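
An added example, not part of the original post: a small Python model of how the six entries above are evaluated (first match wins, destination-port `eq`, `established` as ACK-or-RST, implicit deny) when the list is applied inbound on s0. The 198.51.100.x sources, the 202.166.1.x host addresses and the ephemeral ports are constructed sample values.

```python
import ipaddress

# The six entries exactly as posted; a trailing "eq" tests the destination port.
ACL_101 = """\
permit tcp any 202.166.1.0 0.0.0.15 established
permit tcp any 202.166.1.0 0.0.0.15 eq smtp
permit tcp any 202.166.1.0 0.0.0.15 eq pop3
permit ip 202.166.1.0 0.0.0.15 any
permit tcp any 202.166.1.0 0.0.0.15 eq domain
permit udp any 202.166.1.0 0.0.0.15 eq domain
"""
PORTS = {"smtp": 25, "pop3": 110, "domain": 53}

def addr_match(tokens, ip):
    """Consume 'any' or 'addr wildcard' from tokens; True if ip matches."""
    if tokens[0] == "any":
        tokens.pop(0)
        return True
    base = int(ipaddress.ip_address(tokens.pop(0)))
    care = ~int(ipaddress.ip_address(tokens.pop(0))) & 0xFFFFFFFF
    return (int(ipaddress.ip_address(ip)) & care) == (base & care)

def evaluate(pkt, acl=ACL_101):
    """Return (action, entry number) of the first match, else the implicit deny."""
    for n, line in enumerate(acl.splitlines(), 1):
        t = line.split()
        action, proto = t.pop(0), t.pop(0)
        if proto not in ("ip", pkt["proto"]):
            continue
        if not (addr_match(t, pkt["src"]) and addr_match(t, pkt["dst"])):
            continue
        if t and t[0] == "established" and not {"ACK", "RST"} & pkt.get("flags", set()):
            continue
        if t and t[0] == "eq" and pkt["dport"] != PORTS[t[1]]:
            continue
        return action, n
    return "deny", None  # every IOS access-list ends with an implicit deny

# Constructed packets as seen arriving on s0 (destination is the NAT global address).
SAMPLES = {
    "pop3_reply": dict(proto="tcp", src="198.51.100.10", dst="202.166.1.5", dport=40001, flags={"ACK"}),
    "dns_reply": dict(proto="udp", src="198.51.100.53", dst="202.166.1.5", dport=40002),
    "dns_query_in": dict(proto="udp", src="198.51.100.53", dst="202.166.1.2", dport=53),
    "smtp_syn_in": dict(proto="tcp", src="198.51.100.10", dst="202.166.1.3", dport=25, flags={"SYN"}),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:13} -> {evaluate(pkt)}")
```

In this model the TCP mail reply is passed by the `established` entry, while a UDP DNS answer addressed to a client's ephemeral port matches no entry and falls through to the implicit deny.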
