Hi
I have a 2651 router with 3 interfaces and FW IOS.
I want to use CBAC in my network.
My configuration looks like:

LAN-eth0--------Router---s0---Internet
                         eth1
                             |
                        DMZ
                    server x.x.x.x (SMTP, POP3)

ip inspect name OUTBOUND smtp alert on audit-trail off
ip inspect name OUTBOUND ftp alert on audit-trail off
ip inspect name OUTBOUND http alert off audit-trail off
ip inspect name OUTBOUND sqlnet alert on audit-trail off
ip inspect name OUTBOUND streamworks alert on audit-trail off
ip inspect name OUTBOUND h323 alert on audit-trail off
ip inspect name OUTBOUND realaudio alert on audit-trail off
ip inspect name OUTBOUND tcp alert off audit-trail off
ip inspect name OUTBOUND udp alert off audit-trail off
ip inspect name INBOUND smtp alert off audit-trail off
ip inspect name INBOUND tcp alert off audit-trail off
ip inspect name INBOUND udp alert off audit-trail off

For eth0 (ip access-group 101 in)
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
access-list 101 deny   ip any any log

For ser0 (ip access-group 102 in)
access-list 102 permit tcp any host x.x.x.x eq smtp log
access-list 102 permit tcp any host x.x.x.x eq pop3 log
access-list 102 permit tcp any host x.x.x.x eq 22 log
access-list 102 permit icmp any any
access-list 102 deny   ip any any log

For eth1 (ip access-group 103 in)
access-list 103 permit icmp any any
access-list 103 permit tcp host x.x.x.x any eq smtp log
access-list 103 permit udp host x.x.x.x any eq domain log
access-list 103 deny   ip any any log

I have a Linux server in the DMZ with SMTP and POP3. The problem is with SMTP:
from the LAN or from the Internet I can't connect to the SMTP server. I always
get a timeout.
With the ip inspect session command I watch the open connection. But it does
work.
I don't know, maybe there is a feature in CBAC and sendmail :)
Thanks for any help
Regards
MM
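
An added illustration for readers of the post (not the poster's code or output): a small Python model of the three extended access lists above, treated as a purely static packet filter, used to trace each leg of the SMTP flows the poster describes. It deliberately models no CBAC dynamic entries, because the post does not show on which interface the ip inspect rules are applied; where the static trace denies the return leg of a connection, that leg can only succeed if an inspection rule applied on that path opens it. The server address x.x.x.x is a placeholder in the post, so a constructed TEST-NET address stands in for it, and the client addresses and ephemeral ports are constructed too.

```python
from ipaddress import ip_address, ip_network

# Constructed stand-in for the post's placeholder x.x.x.x (TEST-NET-3).
SERVER = "203.0.113.10"

# The three access lists from the post, verbatim apart from x.x.x.x.
ACL_TEXT = f"""
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
access-list 101 deny   ip any any log
access-list 102 permit tcp any host {SERVER} eq smtp log
access-list 102 permit tcp any host {SERVER} eq pop3 log
access-list 102 permit tcp any host {SERVER} eq 22 log
access-list 102 permit icmp any any
access-list 102 deny   ip any any log
access-list 103 permit icmp any any
access-list 103 permit tcp host {SERVER} any eq smtp log
access-list 103 permit udp host {SERVER} any eq domain log
access-list 103 deny   ip any any log
"""

# Interface -> inbound ACL number, as applied in the post (no outbound ACLs).
INBOUND = {"eth0": 101, "s0": 102, "eth1": 103}

PORT_NAMES = {"smtp": 25, "pop3": 110, "domain": 53, "www": 80}


def _parse_addr(tokens):
    """Consume an IOS address spec (any | host A | A WILDCARD) -> (network, rest)."""
    if tokens[0] == "any":
        return ip_network("0.0.0.0/0"), tokens[1:]
    if tokens[0] == "host":
        return ip_network(f"{tokens[1]}/32"), tokens[2:]
    # Address plus wildcard mask; only contiguous wildcards are handled here.
    addr, wildcard = tokens[0], tokens[1]
    mask = 0xFFFFFFFF ^ int(ip_address(wildcard))
    return ip_network(f"{addr}/{bin(mask).count('1')}", strict=False), tokens[2:]


def _parse_port(tokens):
    """Consume an optional 'eq <port>' -> (port number or None, rest)."""
    if tokens and tokens[0] == "eq":
        p = tokens[1]
        return (PORT_NAMES[p] if p in PORT_NAMES else int(p)), tokens[2:]
    return None, tokens


def parse_acls(text):
    """Parse 'access-list N permit|deny PROTO SRC [eq P] DST [eq P] [log]' lines."""
    acls = {}
    for line in text.strip().splitlines():
        tokens = line.split()
        if not tokens or tokens[0] != "access-list":
            continue
        number, action, proto = int(tokens[1]), tokens[2], tokens[3]
        rest = tokens[4:]
        src, rest = _parse_addr(rest)
        sport, rest = _parse_port(rest)
        dst, rest = _parse_addr(rest)
        dport, rest = _parse_port(rest)
        acls.setdefault(number, []).append(
            {"action": action, "proto": proto, "src": src, "sport": sport,
             "dst": dst, "dport": dport, "log": "log" in rest})
    return acls


def evaluate(acl, proto, src, sport, dst, dport):
    """First-match evaluation; returns (action, entry index). Implicit deny at the end."""
    for i, e in enumerate(acl):
        if e["proto"] not in ("ip", proto):
            continue
        if ip_address(src) not in e["src"] or ip_address(dst) not in e["dst"]:
            continue
        if e["sport"] is not None and e["sport"] != sport:
            continue
        if e["dport"] is not None and e["dport"] != dport:
            continue
        return e["action"], i
    return "deny", None


def trace_smtp(acls, client, client_if, client_port=40000):
    """Client -> DMZ server tcp/25: the SYN enters on the client's interface,
    the SYN-ACK from the server enters on eth1. Static ACLs only, no CBAC."""
    request = evaluate(acls[INBOUND[client_if]], "tcp", client, client_port, SERVER, 25)
    reply = evaluate(acls[INBOUND["eth1"]], "tcp", SERVER, 25, client, client_port)
    return {"request": request[0], "reply": reply[0]}


def trace_server_outbound_smtp(acls, remote_mx, server_port=40001):
    """DMZ server -> remote MX tcp/25: the SYN enters on eth1, the SYN-ACK on s0."""
    request = evaluate(acls[INBOUND["eth1"]], "tcp", SERVER, server_port, remote_mx, 25)
    reply = evaluate(acls[INBOUND["s0"]], "tcp", remote_mx, 25, SERVER, server_port)
    return {"request": request[0], "reply": reply[0]}


if __name__ == "__main__":
    acls = parse_acls(ACL_TEXT)
    print("LAN client  -> server :25", trace_smtp(acls, "192.168.1.20", "eth0"))
    print("Internet    -> server :25", trace_smtp(acls, "198.51.100.7", "s0"))
    print("server -> remote MX :25 ", trace_server_outbound_smtp(acls, "198.51.100.25"))
```

Run stand-alone, the trace shows that for every SMTP flow the first packet is permitted by the ingress ACL while the static evaluation of the return packet ends at the deny ip any any entry of the ACL on the return interface, so the return legs depend entirely on CBAC state; checking the ip inspect session output for the corresponding half-open or established entry on the right interface is the place to look.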

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46713&t=46713
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]