PAT internal to DMZ

Unanswered Question
Dec 6th, 2007

Malaysia Biggest Internet provider recently announce that they will block port 25(SMTP) due to a lot of spam mail. (what a stupid provider).

i'm using ASA5510, i plan to create 2 rule to solve this issues.

1) create a PAT rule for outside 210.x.x.x:26 map to DMZ 172.x.x.x:25

2) create a PAT rule for inside 192.x.x.x:26 map to DMZ 172.x.x.x:25

3) change user smtp from 25 to 26.

while i will remain unchange for the mail server and email security.

The problem now is i using the ASDM 6.0 to configure, but i found the rules abit weird when do it through GUI.

can anyone of you help me to phrase this into command.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
husycisco Fri, 12/07/2007 - 00:33

static (DMZ,outside) tcp 210.x.x.x 26 172.x.x.x 25 netmask

static (DMZ,inside)tcp 192.x.x.x 26 172.x.x.x 25 netmask

dont forget to permit port 26 to outermost IPs


This Discussion