NAT/routing help on ASA 5520

Unanswered Question
Apr 15th, 2009
User Badges:


We have 2 email servers with 2 Nics. One has a public IP (e.g'ed to it's private IP for inbound email, so inbound email is fine. Now our ISP only accept smtp traffic from and the issue I have is the server with the NAT can send emails to them, but the server that doesn't have the NAT servers it's smtp traffic outbound via the ASA's default gateway and gets refused.

Is it possible to route this server with no NAT to route outbound via the so both servers go outbound via this and not the ASA's default gateway?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
whiteford Wed, 04/15/2009 - 02:50
User Badges:

Hmm I've never tried that before, plus I only use the ASDM, but do have access tot he CLI and have basic experience with this.

How would I do this then?

Say and wanted to go outbound via (public IP)?

I do not use the ASDM, not even sure if it is capable to configure something like this in the ASDM, via cli

global (outside) 99

access-list email-servers extended permit tcp host any eq smtp

access-list email-servers extended permit tcp host any eq smtp

nat (inside) 99 access-list email-servers

Basically the above instructs the ASA to NAT servers & .2 when they try an access anything out on the internet using smtp and NAT them to external IP


whiteford Wed, 04/15/2009 - 04:19
User Badges:


As one of the email servers has the public IP ( assigned to it via NAT, can I just do the above method to just the server that needs it?

Also, are there any useful commands that will show me that it is using this new public IP?

whiteford Wed, 04/15/2009 - 04:55
User Badges:

OK, wil I have to first remove the current NAT?

whiteford Wed, 04/15/2009 - 06:42
User Badges:

Sorry to confuse:

Could I:

Get the 2 email servers send outbound as public IP on smtp

But only nat inbound to one of the email servers on smtp?


This Discussion