Correct, The only difference is that when you match it against an access list, you can specify the source and destinations and the rest of the traffic can be continuously being inspected on regular port 25...
On the one at the bottom, no matter source or destination, will try to be inspected against SMTP... Funny thing is that when you use ACls, you have to be very careful, cuz if something gets messed up on the ACL, it may end up dropping everything. Mike From: eug...@koiossystems.com To: ccie_security@onlinestudylist.com Date: Sat, 9 Jun 2012 21:44:55 +0000 Subject: [OSL | CCIE_Security] SMTP inspection on non-standard port If I were to inspect non-standard SMTP on port 2525 on ASA will these two achieve the same results? access-list SMTP-2525-ACL extended permit tcp any host XXX.XXX.XXX.XXX eq 2525 class-map SMTP-2525-CM match access-list SMTP-2525-ACL class-map SMTP-2525-CM match port tcp eq 2525 Eugene _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com