Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2408
Views
0
Helpful
1
Replies

Configuring an ASA for O365 Hybrid email.

Dorifitox
Level 1
Level 1

‎01-02-2014 10:10 AM - edited ‎03-11-2019 08:24 PM

Hello community!

I couldn't find a search function, so if this has already been answered in the past I am very sorry.

But I am trying to get my ASA to allow all traffic across a NAT'd connection, I've put an access rule of:

access-list OUTSIDE extended permit tcp any host ##.###.###.### eq smtp

But when I put it in I specified port 25 not smtp. I basically need to be able to telnet to this machine on port 25, so it has to be open to all traffic types.

Any idea on how I can force it to allow more than just SMTP traffic?

Your responses are much appreciated!

Labels:
0 Helpful
1 Reply 1

Jouni Forss
VIP Alumni
VIP Alumni

‎01-02-2014 11:31 PM

Hi,

Since you configure the ACL with the port TCP/25 the ASA will simply convert that port to the well known name of SMTP since that its main purpose. In an ACL however the rules matches ANY traffic coming with the destination port TCP/25. The ACL itself doesnt take into account what traffic you run through that port.

If you have SMTP/ESMTP inspection active on the ASA I would imagine it probably will not like traffic other than SMTP using port TCP/25 as destination. In that case you might have to disable that inspection.

Hope this helps

- Jouni

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card