Re: blocking PORTS ON PIX!!! [7:16275]

Thu, 16 Aug 2001 08:22:44 -0700 

Hi Allen,
Actually my point it hot to restrict my outbound POP3 from access the
outside mail servers..
I want to block any internal request for external POP3 from accessing that
target.

you got it??
I hope you may help me in this???

Magdy


""Allen May""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Maybe I missed the point of the question, but just don't open POP3 on the
> outside interface for inbound and that will restrict all outside users
from
> using POP3.  Unless inside users pass through the PIX to get to the POP3
> server you won't need to add anything to the PIX to allow inside users
POP3
> (or anything else for that matter).  The rest of the configuration for
mail
> server restrictions can be done at the mail server if you want to tighten
it
> down even further for inside users.
>
> Hope that helps.
>
> Allen
>
> ----- Original Message -----
> From: "Magdy H. Ibrahim"
> To:
> Sent: Thursday, August 16, 2001 7:46 AM
> Subject: blocking PORTS ON PIX!!! [7:16275]
>
>
> > Dear All,
> >
> > I have a question about how to block ports on PIX firewall:
> > my case is: I have mail server working behind PIX so I opened POP3 and
> SMTP
> > ports for this mail server.
> > my mail server accessed from inside and outside interfaces.
> > I want to limit my internal IP only to work with POP3 "using outlook
> express
> > or any mail client" from my mail server and deny any request for POP3
from
> > outside mail servers such as hotmail or yahoo.
> > can I do something like that ???
> > Please advice me ASAP...
> > here is my shortcut of my PIX conf.:
> > static (inside,outside) 62.21.55.68 10.0.0.21 netmask
> > 255.255.255.255 0 0
> > access-group acl_in in interface inside
> > conduit permit icmp any any
> > conduit permit tcp host 62.21.55.66 eq smtp any
> > conduit permit tcp host 62.21.55.66 eq pop3 any
> >
> > Regards,
> >
> > Magdy




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=16293&t=16275
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to