Hot Downloads

Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC: egress filtering on asa5505

egress filtering on asa5505 9 years 3 months ago #29414

Hello,

I am trying to configure egress filtering to only allow outbound on 25 from my mailserver. I have no problems configuring inbound access lists, but egress are somewhat confusing to me. I just had someone get infected with a mailing virus and I'd like to eliminate the problem.

Just want to see if I'm on the right track:

access-list inside_access_outside extended permit tcp any host 192.168.1.187 eq 25
access-list inside_access_outside extended deny tcp any any outside eq 25
access-group inside_access_outside out interface inside

This would allow connections via port 25 outbound from 192.168.1.187 only and then block all others. access-group command enables it on the interface.

thanks fo rhte help

Please Log in to join the conversation.

Re: egress filtering on asa5505 9 years 3 months ago #29415

I think it needs to be the other way around. The first network "any" is the source and the IP address 192.168.1.187 eq 25 is the destination.

I believe you need to reverse this. You may have to apply it to the inside interface in instead of the outside interface in.

Please Log in to join the conversation.

Re: egress filtering on asa5505 9 years 3 months ago #29431

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Moderator
  • Posts: 1390
  • Karma: 1
  • Thank you received: 0
Think skepticals is on the ball there :)

Please Log in to join the conversation.

Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
  • Page:
  • 1
Time to create page: 0.145 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup