Firewall Access problem

Unanswered Question
Mar 12th, 2009

I have a specific need on our ASA 5510 and could use some guidance.

Currently our outside interface accepts SMTP from any source, via an access rule. NAT then forwards the inbound SMTP to an internal email gateway.

I now have a situation where I have two internal email gateways. I need inbound SMTP from a specific network to be forwarded to internal gateway1, and all the rest of the inbound SMTP traffic forwarded to internal gateway2.

I can't seem to find a way to do this with any combination of typical access rules or NAT rules.

I'm wondering if I'm just missing something simple or if I need to configure something more complex such as Modular Policy Framework (MPF) or perhaps go to multiple firewall contexts.

My networking vendors are saying I should just configure a second outside interface for the unique network out there, so that normal access rules and NAT -would- work.

But with SMTP, I'm not sure that's feasible. If it is, I'd need assistance there.

(If there is a more appropriate forum on this site for this issue, let me know - I'm a newb here)


Collin Clark Fri, 03/13/2009 - 07:00


What is the unique network? Is it publicly routable? Is it a vendor extranet? Why does it need its own email gateway?

