how to let some IPs send/receive mail only

I use the PIX515. If I want to let some PCs getting its ip from DHCP server(EX:

192.168.1.100~192.168.1.150) just can do nothing but eMail, how should I do ?

I am a navice about pix. any detailed steps are welcomed. Tks a lot!

Reply to
aaa
Loading thread data ...

object-group network dhcp_served_hosts network-object 192.168.1.100 255.255.255.252 network-object 192.168.1.104 255.255.255.248 network-object 192.168.1.112 255.255.255.240 network-object 192.168.1.128 255.255.255.240 network-object 192.168.1.144 255.255.255.252 network-object 192.168.1.148 255.255.255.254 network-object host 192.168.1.150

access-list in2out permit tcp object-group dhcp_served_hosts any eq smtp access-list in2out deny ip object-group dhcp_served_hosts any access-list in2out permit ip 192.168.1.0 255.255.255.0 any access-group in2out in interface inside

Be careful if you have an external DNS server...

Reply to
Walter Roberson

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.