Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
392
Views
0
Helpful
3
Replies

NAT different for outgoing mail

totallygeek
Level 1
Level 1

‎03-31-2008 04:12 PM - edited ‎03-11-2019 05:25 AM

I currently am NAT'ing all RFC-1918 addresses out the firewall to the Internet. However, I want outgoing mail to appear to originate from a different IP.

So, 10.0.0.1 NATs out as 1.1.1.50

10.0.0.2 (a mail server) should browse Internet appearing to be 1.1.1.50

10.0.0.2 should connect to remote tcp/25 appearing to be from 1.1.1.75

Any way to accomplish this?

Labels:
0 Helpful
3 Replies 3

i-kendall
Level 1
Level 1

‎04-01-2008 03:38 AM

I am sure it can be done. If you create an access list for the e-mail traffic, and a separate one for other traffic, and apply each to a different nat statement. The syntax for the nat is a bit different for a router or PIX/ASA,you don't say which you have, but is broadly the same technique.

Hope this helps.

Regards,

Iain

0 Helpful

totallygeek
Level 1
Level 1
In response to i-kendall

‎04-01-2008 07:35 AM

Sorry, the system is an ASA 5500.

0 Helpful

abinjola
Cisco Employee
Cisco Employee

‎04-01-2008 01:04 PM

nat (inside) 1 10.0.0.1

global (outside) 1 1.1.50

access-l abc permit ip host 10.0.0.2 any

nat (inside) 10 access-l abc

global (outside) 10 1.1.1.50

access-l def permit tcp host 10.0.0.2 any eq 25

nat (inside) 20 access-l def

global (outside) 20 1.1.1.75

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card