ASA NAT Question

Unanswered Question
May 22nd, 2007


I am facing this scenario.

Mail Server on LAN (behind ASA5510) is Pri.IP.Add.1 with SMTP on port 25.

This is to be NATed to Pub.IP.Add.1 from ISP 1 on port 25.

Also to be NATed to Pub.IP.Add.2 from ISP 2 on port 26 (with port forwarding).

Can anybody guide as to how this can be achieved on ASA v7.2?

Thanks in Advance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
m.sir Tue, 05/22/2007 - 23:14

If I understand correctly we talk about direction outside-->dmz

so scenario should be following

static (dmz,outside) tcp Pub.IP.Add.1 25 Pri.IP.Add.1 25 netmask

static (dmz,outside) tcp Pub.IP.Add.2 26 Pri.IP.Add.1 25 netmask

You need also modify the outside ACL


ajay_dand Fri, 05/25/2007 - 08:05

hi M.Sir,

Tried the suggestion. However it doesn't work. It gives me error, when I try creating the second rule, stating the static translation to port 25 already exists. Any other suggestions?

Thanks again.


This Discussion