Nat of Smtp Server Connected to Core Switch-Firewall-Internet Router

Unanswered Question
Sep 24th, 2008

i have a Smtp Server which is connected to my 6513which ip is 10.x.x.x, core switch(6513) which in turn connected to Firewall and then to Internet Router,

in which 218.248.x.x Access is there,now my requirement is i have to nat smtp to outside ,

Could u give me the command , i am able to ping smtp from Internet router

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Calin Chiorean Thu, 09/25/2008 - 05:59

Hello!

You have a sample command line below, to be able to access your smtp server from internet

ip nat inside source static tcp "internal_IP" 25 "external_IP" 25 extendable

where "internal_IP" in your case is something with 10.x.x.x and "external_IP" one IP from your public range 218.248.x.x

I hope I understood correctly your problem. Tell me if this is working for you!

Cheers,

Calin

networking11 Thu, 09/25/2008 - 06:47

Thanks Calin

ip route 218.x.x.x 255.255.255.255 Null0

and given

ip nat inside source static tcp "internal_IP" 25 "external_IP" 25 extendable

i have configured it and i couldnt ping my

218.248.x.x from Smtp 10.x.x.x,

could you advise me, my purpose is to send mails from smtp to other mails like Gmail,Yahoo

Calin Chiorean Thu, 09/25/2008 - 07:01

Hello

Where do you have this ip route 218.x.x.x 255.255.255.255 Null0 and why?!

The nat (actually is a pat) command that I wrote to you, give you the possibility to access your smtp server from the internet. This is supposed to be applied on your Internet router (I assumed that this is Cisco).

To get out on the internet from your smtp router, you need to do the following on the Internet router:

"access-list 1 permit 10.x.x.x 0.0.0.255"

then

"ip nat inside source list 1 interface Gix/y overload"

where interface Gix/y (can be FastEthernet, Serial, etc...) is your connection to the Internet.

But still that ip route to Null0...I do not see any reason for that!

Good luck!

Calin

p.s. all sample config that you have to apply on the Internet router:

"access-list 1 permit 10.x.x.x 0.0.0.255"

then

"ip nat inside source list 1 interface Gix/y overload"

"ip nat inside source static tcp 10.x.x.x 25 218.248.x.x 25 extendable

networking11 Thu, 09/25/2008 - 07:34

hai calin,

ip route 218.x.x.x 255.255.255.255 Null0 is the command on my router,

i am getting internet thru pos link

interface GigabitEthernet1/1

switchport

switchport trunk allowed vlan 202

switchport mode trunk

no ip address

channel-group 1 mode on

!

interface GigabitEthernet1/2

switchport

switchport access vlan 202

switchport mode access

no ip address

!

interface GigabitEthernet1/3

switchport

switchport access vlan 202

switchport mode access

no ip address

!

interface GigabitEthernet1/4

ip address 218.248.6.222 255.255.255.224

AND

interface POS2/2/0

description "STM1 Link to Secunderabad NIB2 Router"

ip address 210.212.218.21 255.255.255.252

ip nat outside

encapsulation ppp

clock source internal

pos framing sdh

now the Gi 1/2 and 1/3 are connected to Firewall-CoreSwitch-Smtp

and from smtp-internet router ,twoway ping is happening

Actions

This Discussion