Can ASA do a many-to-one translation?

Unanswered Question
Sep 8th, 2007

I have two external public IPs that used to be mapped one-to-one to two internal private IPs. Now, I want to get rid of one of my internal servers but I want to continue to use my two public IPs but both going to the same server.

Can I do something like this:

static (outside,inside) 25 25

static (outside,inside) yyy.yyy.yyy.yyy 110 110

So incoming SMTP traffic to the "x" public IP goes to the same server as POP3 traffic does when it is sent to the "y" IP.

Also, since the SMTP server is also going to be sending out email, will I need another "static (inside,outside)" translation for outgoing traffic too or will the previous translation do the outgoing traffic also?

for example, do I need a:

static (inside,outside) 25 25

(or have I got my IPs reversed?)

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
thomasdzubin Mon, 09/10/2007 - 05:15

So you know if I have to put in a new separate "static (inside,outside)" entry to make sure outgoing email port 25 SMTP traffic appears to come from the "" address or is that taken care of already by the "static (outside,inside)" line?

The outgoing email will be traffic initiated by the server, not part of any existing connection that may be incoming and already in the NAT table.

a.alekseev Mon, 09/10/2007 - 05:39

oops... sorry

must be

static (inside, outside) tcp 25 25

static (inside,outside) tcp yyy.yyy.yyy.yyy 110 110

access-list OUTSIDE-IN permit tcp any host yyy.yyy.yyy.yyy eq 110

access-list OUTSIDE-IN permit tcp any host eq 25

access-group OUTSIDE-IN in int outside


This Discussion