ASA NAT Question

Unanswered Question
May 22nd, 2007

Hi,


I am facing this scenario.


Mail Server on LAN (behind ASA5510) is Pri.IP.Add.1 with SMTP on port 25.


This is to be NATed to Pub.IP.Add.1 from ISP 1 on port 25.


Also to be NATed to Pub.IP.Add.2 from ISP 2 on port 26 (with port forwarding).


Can anybody guide as to how this can be achieved on ASA v7.2?


Thanks in Advance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
m.sir Tue, 05/22/2007 - 23:14

If I understand correctly we talk about direction outside-->dmz

so scenario should be following

static (dmz,outside) tcp Pub.IP.Add.1 25 Pri.IP.Add.1 25 netmask 255.255.255.255

static (dmz,outside) tcp Pub.IP.Add.2 26 Pri.IP.Add.1 25 netmask 255.255.255.255

You need also modify the outside ACL

M.


ajay_dand Fri, 05/25/2007 - 08:05

hi M.Sir,


Tried the suggestion. However it doesn't work. It gives me error, when I try creating the second rule, stating the static translation to port 25 already exists. Any other suggestions?


Thanks again.

Actions

This Discussion