cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
306
Views
5
Helpful
1
Replies
benlemasurier
Beginner

All traffic hangs when I apply a simple access-list

Hey everyone,

I'm attempting to log all outbound SMTP traffic so I can monitor for things like spambots on the network. I've created the following simple access-list:

ip access-list extended SMTP

remark SMTP TRAFFIC

permit tcp any any eq smtp log

!

interface GigabitEthernet0/1
  ...
  ip access-group SMTP in
!
However, as soon as I apply it to ge0/1 all traffic hangs. Any thoughts?

1 ACCEPTED SOLUTION

Accepted Solutions
Nagaraja Thanthry
Cisco Employee

Hello,

By default the access-list will have an implicit deny policy. So, when you applied the access-list to the interface, all other traffic got denied implicitely. Please add another line to the access-list that allows all other traffic:

ip access-list extended SMTP
remark SMTP TRAFFIC
permit tcp any any eq smtp log
permit ip any any

Hope this helps.

Regards,

NT

View solution in original post

1 REPLY 1
Nagaraja Thanthry
Cisco Employee

Hello,

By default the access-list will have an implicit deny policy. So, when you applied the access-list to the interface, all other traffic got denied implicitely. Please add another line to the access-list that allows all other traffic:

ip access-list extended SMTP
remark SMTP TRAFFIC
permit tcp any any eq smtp log
permit ip any any

Hope this helps.

Regards,

NT

View solution in original post