Hello Everyone
I am having issues publishing SMTP via our ASA 5525.
I feel like i have everything correct but not working. Note that we only allow SMTP outbound and inbound from a particular set of IPs. Is there something different i need to do when publishing SMTP?
Here is what i am doing.
object-group service obj_mail_services
description This is group is for standard mail protocols
service-object tcp destination eq smtp
service-object tcp destination eq smtps
service-object tcp destination eq pop
object network obj_mail_10.2.4.70
nat (inside,outside) static 64.47.x.x
object-group network obj_Mimecast_pub
description This group lists all subnets associated with Mimecast data centers
network-object 207.211.x.0 255.255.255.0
network-object 207.211.x.0 255.255.255.0
network-object 205.139.x.0 255.255.255.0
network-object 205.139.x.0 255.255.255.0
access-list public_access extended permit object-group obj_mail_services object-group obj_Mimecast_pub object-group obj_mail_10.2.4.70
Also note that there is another ACL on inside interface that is restricting all oubound traffic. SMTP is allowed to the above external hosts using the same object group.
Thanks