Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
248
Views
0
Helpful
1
Replies

PAT internal to DMZ

taliworks
Level 1
Level 1

‎12-06-2007 05:45 PM - edited ‎03-11-2019 04:40 AM

Malaysia Biggest Internet provider recently announce that they will block port 25(SMTP) due to a lot of spam mail. (what a stupid provider).

i'm using ASA5510, i plan to create 2 rule to solve this issues.

1) create a PAT rule for outside 210.x.x.x:26 map to DMZ 172.x.x.x:25

2) create a PAT rule for inside 192.x.x.x:26 map to DMZ 172.x.x.x:25

3) change user smtp from 25 to 26.

while i will remain unchange for the mail server and email security.

The problem now is i using the ASDM 6.0 to configure, but i found the rules abit weird when do it through GUI.

can anyone of you help me to phrase this into command.

Labels:
0 Helpful
1 Reply 1

husycisco
Level 7
Level 7

‎12-07-2007 12:33 AM

static (DMZ,outside) tcp 210.x.x.x 26 172.x.x.x 25 netmask 255.255.255.255

static (DMZ,inside)tcp 192.x.x.x 26 172.x.x.x 25 netmask 255.255.255.255

dont forget to permit port 26 to outermost IPs

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card