Having incoming and outgoing mail use the same public IP address

Unanswered Question
Aug 22nd, 2007
User Badges:

HI Guys,

I have a little problem that I am failing to resolve. We a mail relay server with two interfaces connected to the same network in between to firewall. The problem I have is that emails coming from the Internet ( are translated to an internet IP address ( witch is the IP address of one of the interfaces on the mail relay.

E-mails going to the Internet are from the mail relay interface ( with is translated to an IP address How can I configure the PIX to translate the to while I have already static translated to

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
hsajwan Tue, 08/28/2007 - 13:16
User Badges:

Try this..

nat (inside) 101

global (outside) 101

clear xlate

Fernando_Meza Wed, 08/29/2007 - 19:05
User Badges:
  • Gold, 750 points or more

Hi .. what you suggest might work, however it is not recommended because you are using the same IP address for PAT and also static NAT. but again it might work.

jeremyault Wed, 08/29/2007 - 16:34
User Badges:

One static nat coming in (which you say you already have) - and one static nat going out.

static (outside,inside) netmask 0 0

static (inside,outside) netmask 0 0

In the above, I'm assuming the mail server is off the "inside" interface. If not, just change inside to whatever it actually is.

You'll need an ACL to let email traffic in. Hopefully I didn't mess this up.

access-list 101 permit ip any host eq smtp

access-group 101 in interface outside

jeremyault Sun, 09/02/2007 - 14:12
User Badges:

OOPS wait - correction. my bad!

The acutal format is -- static ("to interface","from interface") "from address" "to address"

Therefore, the static NAT for traffic from internet to mail server will be:

static (inside,outside)

And the static NAT for the traffic from the mail server to the internet will be:

static (outside,inside)


This Discussion