07-26-2007 10:09 AM - edited 03-03-2019 06:02 PM
I would like to allow outside world to access (smtp) on port 587 instead of traditional port 25. For outlook exchange 2007 server. *** Port 995 is for incoming traffic which replaces standard POP3 port 110.
Please let me know what I need to do and how to do it on the following configruation of my router. Thanks.
ip http server
ip http authentication local
ip http secure-server
ip nat inside source list NAT interface FastEthernet0/1.200 overload
ip nat inside source static 10.1.0.11 216.108.201.35
!
ip access-list extended NAT
deny ip 10.0.0.0 0.255.255.255 192.168.1.0 0.0.0.255
deny ip 10.0.0.0 0.255.255.255 192.168.2.0 0.0.0.255
permit ip 10.0.0.0 0.255.255.255 any
ip access-list extended Outside
permit tcp 63.146.60.0 0.0.0.255 any eq 22
permit tcp host 64.141.139.190 any eq 22
permit tcp any host 216.109.202.35 eq www
permit tcp any host 216.109.202.35 eq 443
permit tcp any host 216.109.202.36 eq www
permit tcp any host 216.109.202.36 eq 443
permit tcp any host 216.109.202.34 eq smtp
permit tcp any host 216.109.202.34 eq www
permit tcp any host 216.109.202.34 eq 443
permit gre host 65.89.86.102 host 216.109.202.33 log
permit icmp any any echo-reply
permit esp any any
permit udp any any eq isakmp
permit udp any any eq non500-isakmp
deny ip any any log
ip access-list extended Policy-NAT
permit ip host 10.1.0.11 192.168.2.0 0.0.0.255
ip access-list extended Split
permit ip 10.0.0.0 0.255.255.255 any
permit ip 192.168.1.0 0.0.0.255 any
ip access-list extended VoIP
permit tcp 10.1.0.0 0.0.255.255 host 192.168.1.1 eq www
permit tcp 10.1.0.0 0.0.255.255 host 192.168.1.254 eq www
permit tcp 192.168.2.0 0.0.0.255 host 192.168.1.1 eq www
permit tcp 192.168.2.0 0.0.0.255 host 192.168.1.254 eq www
ip access-list extended nat
ip access-list extended outside
permit tcp any host 216.108.201.35 eq 587
ip access-list extended policy-nat
permit ip host 10.1.0.11 192.0.0.0 0.255.255.255
ip access-list extended unlock
permit ip any any
permit gre any any
permit esp any any
permit ahp any any
permit icmp any any
!
access-list 145 permit tcp 216.0.0.0 0.255.255.255 any eq 22
!
!
!
route-map NONAT permit 10
match ip address Policy-NAT
set interface Loopback0
!
!
07-26-2007 12:09 PM
Block the Port 25 smtp... Run your Mail application on 587. Open 587 Port.
And Enjoy.
Regards,
Dharmesh Purohit
07-26-2007 04:25 PM
to block port 25 smtp,I do?
LIke this?????
config t
config#) no ip access-list extended outside
config#) permit any 216.x.x.x eq smtp
Thanks,
07-26-2007 10:37 PM
Hi,
As per your configuration, router has nothing to with your application but to allow or disallow traffic as per access-list applied by you.
As you will be running your smtp application on port other than standard 25 port so change your acccess-list "outside" and permit port 587 towards smtp server.
HTH
rgds
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide