https://community.cisco.com/t5/network-security/outside-access/m-p/2564973#M205656 <P>I applied same access-list with private ip addresses (non-mapped) and it worked.&nbsp;</P> Mon, 27 Oct 2014 06:15:17 GMT Rizwan 2014-10-27T06:15:17Z https://community.cisco.com/t5/network-security/outside-access/m-p/2564968#M205651 <P>I am using ASA 5515-X version 9.1</P><P>I have created access-list to allow email servers ports from outside. The email server is having static NAT on firewall. But the access-list to ping and to allow tcp ports is not working properly. its working with any any only.</P><P>access-list outside_access_in line 2 extended permit icmp any host 203.1.1.1</P><P>access-list outside_access_in line 3 extended permit tcp any host 203.1.1.1&nbsp;eq smtp</P><P>&nbsp;</P> Tue, 12 Mar 2019 04:59:04 GMT https://community.cisco.com/t5/network-security/outside-access/m-p/2564968#M205651 Rizwan 2019-03-12T04:59:04Z https://community.cisco.com/t5/network-security/outside-access/m-p/2564969#M205652 <P>Hi,</P><P>I think you are missing some ports for the Email server communication.</P><P>You would be able to apply the capture on the ASA device and see the ports on which the communication works.</P><P>Then , just allow those ports.</P><P>Thanks and Regards,</P><P>Vibhor Amrodia</P> Sat, 25 Oct 2014 07:30:44 GMT https://community.cisco.com/t5/network-security/outside-access/m-p/2564969#M205652 Vibhor Amrodia 2014-10-25T07:30:44Z https://community.cisco.com/t5/network-security/outside-access/m-p/2564970#M205653 <P>No, it was some other issue. I have sorted out, thanks anyways.&nbsp;</P> Sat, 25 Oct 2014 07:48:39 GMT https://community.cisco.com/t5/network-security/outside-access/m-p/2564970#M205653 Rizwan 2014-10-25T07:48:39Z https://community.cisco.com/t5/network-security/outside-access/m-p/2564971#M205654 <P>Please indicate what the solution was so others can benefit from the solution.</P> Sat, 25 Oct 2014 19:27:24 GMT https://community.cisco.com/t5/network-security/outside-access/m-p/2564971#M205654 Marius Gunnerud 2014-10-25T19:27:24Z https://community.cisco.com/t5/network-security/outside-access/m-p/2564972#M205655 <P><SPAN class="fullname" itemprop="author">Hi <A about="/users/rizwansiddiqi" class="username" datatype="" href="https://supportforums.cisco.com/users/rizwansiddiqi" property="foaf:name" title="View user profile." typeof="sioc:UserAccount" lang="">rizwansiddiqi</A>,</SPAN></P><P>&nbsp;</P><P>Did you use the private (non-mapped) ip address of the email server in the access lists?</P><P>&nbsp;</P><P>&nbsp;</P><P>Regards,</P><P>Aref</P> Sat, 25 Oct 2014 21:50:05 GMT https://community.cisco.com/t5/network-security/outside-access/m-p/2564972#M205655 Aref Alsouqi 2014-10-25T21:50:05Z https://community.cisco.com/t5/network-security/outside-access/m-p/2564973#M205656 <P>I applied same access-list with private ip addresses (non-mapped) and it worked.&nbsp;</P> Mon, 27 Oct 2014 06:15:17 GMT https://community.cisco.com/t5/network-security/outside-access/m-p/2564973#M205656 Rizwan 2014-10-27T06:15:17Z https://community.cisco.com/t5/network-security/outside-access/m-p/2564974#M205657 <P>yep, true.&nbsp;</P> Mon, 27 Oct 2014 06:16:25 GMT https://community.cisco.com/t5/network-security/outside-access/m-p/2564974#M205657 Rizwan 2014-10-27T06:16:25Z