nat outside smtp traffic to internal server

Unanswered Question
Dec 24th, 2008

Hi all. I have a probmem.

We want to point our external ip address of the PIX that currently accepts smtp traffic and point it to a different internal server.

We currently have the following:

nat (inside) 2 172.17.2.50 255.255.255.255 0 0

static (inside,outside) tcp 55.120.56.34 smtp 172.17.2.50 smtp netmask 255.255.255.255 0 0

aaa-server authinbound (inside) host 172.17.2.50 testkey timeout 10

The above is the current config and works fine. To point the smtp traffic to a new internal server, I did the following:

static (inside,outside) tcp 55.120.56.34 smtp 172.17.5.6 smtp netmask 255.255.255.255 0 0

Once I did that, the public ip of 55.120.56.34 was not pingable and I could not telnet using port 25. I did a clear xlate..and the same thing.

I can telnet to the 172.17.5.6 server using port 25 internall with no issue.

Does anyone know why this would not work?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
cisco24x7 Wed, 12/24/2008 - 08:40

#1: does the pix have a route to get to

host 172.17.5.6?

#2: "clear xlate" will NOT work. This is a

KNOWN issue in some version of 7.x. You should

be using "clear localhost" instead.

Actions

This Discussion