[c-nsp] ACL doesn't seem to filtering anything
ML
ml at kenweb.org
Thu Nov 26 09:48:32 EST 2009
I'm trying to block a customer from using tcp/25 by filtering inbound on
their circuit. When I check the counters for the ACL they don't
increase and I can see that the customer is still able to use tcp/25
outbound.
ACL:
access-list 143 permit tcp 23.45.67.0 0.0.0.255 host 12.23.45.25 eq smtp log
access-list 143 deny tcp 23.45.67.0 0.0.0.255 any eq smtp log
access-list 143 permit ip any any log
Interface Config:
interface GigabitEthernet1/5
ip address 56.78.90.12 255.255.255.252
ip access-group 143 in
ip verify unicast source reachable-via rx
no ip redirects
no ip proxy-arp
ip route-cache flow
no cdp enable
no mop enabled
I just want allow them to use our Smarthost and block all other SMTP.
Any thoughts on this one?
More information about the cisco-nsp
mailing list