Static Nat help

Unanswered Question
Feb 28th, 2007

Hi...

We are usinng an ASA 5520 as a front end firewall and an ISA server as a back end server. The latter is connected to the inside interface of the ASA. All the LAN PCs are connected to a second interface on the ISA. The design looks like this

Internet<---->ASA<----->ISA<------>LAN

Our ISP supplies us a range of public IPs, x.x.x.1/224 to x.x.x.31/224.

In order to let clients access the Internet, I only do a static nat for the ISA server external interface, since we use it for http traffic and email hosting.

My question is that Static Nat works when the mapped public ip is the same as the ASA Outside interface, i.e. x.x.x.3. If I change the static nat statement to any othe public IP, example x.x.x.29, all connections are lost.

Is there any reason for this behaviour.

One other issue is that while static nat is functioning, I can send email messages but cannot receive any, couldnt find a solution yet.

All help is appreciated

We use ASA 7.2. Nat-control is not configured

Thanks.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (2 ratings)
Loading.
ROBERTO TACCON Mon, 03/05/2007 - 05:25

One other issue is that while static nat is functioning, I can send email messages but cannot receive any, couldnt find a solution yet.

Have you verified the inspect (smtp or esmtp)configuration ?

mo shea Mon, 03/05/2007 - 19:44

Thanks for the responses,

I have removed esmtp from the insppect list. I am thinking to nat the ISA servers external IP to one from my pool, while keeping the current static mappings.

I will test it today and post the configs.

Thanks

Actions

This Discussion