[c-nsp] ACL doesn't seem to filtering anything
Steve Bertrand
steve at ibctech.ca
Thu Nov 26 10:06:20 EST 2009
ML wrote:
> I'm trying to block a customer from using tcp/25 by filtering inbound on
> their circuit. When I check the counters for the ACL they don't
> increase and I can see that the customer is still able to use tcp/25
> outbound.
>
> ACL:
>
> access-list 143 permit tcp 23.45.67.0 0.0.0.255 host 12.23.45.25 eq smtp
> log
> access-list 143 deny tcp 23.45.67.0 0.0.0.255 any eq smtp log
> access-list 143 permit ip any any log
Can you add a:
access-list 143 permit tcp any any eq smtp log
...at the top of the rule list to verify that they are actually coming
from the IP block in the ACL?
Steve
More information about the cisco-nsp
mailing list