email issues on UC520

Unanswered Question
Sep 24th, 2009

The physical ip of the UC520 router is xx.xx.xx.154.

I have another public ip xx.xx.xx.155 pointing to my mail server.

Using nat translations, i opened the ports for the mail server as shown below:

ip nat inside source static tcp 25 xx.xx.xx.155 25 extendable

ip nat inside source static tcp 80 xx.xx.xx.155 80 extendable

ip nat inside source static tcp 21 xx.xx.xx.155 21 extendable

ip nat inside source static tcp 443 xx.xx.xx.155 443 extendable

We are unable to send emails to certain domains (ex, and the error we receive is "cannot find reverse hosting". The server sends the mail with .154 ip stamp  instead of the .155 ip

the ptr record for mail shows that it is resolved to xx.xx.xx.155

Any ideas why this is?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Saurabh Verma Fri, 09/25/2009 - 05:59

Your configuration looks fine. Is it possible that aol, rr and other domains use a different port number to communicate? Since you have a dedicated IP address for the email server, can you use static nat for ip address (instead of port #)?


murtazashikarii Fri, 09/25/2009 - 07:39

Hi Saurabh,

Another observation: all the incoming connections are fine, however, all the outbound connections from all the servers (inc the mail server) are going out from xx.xx.xx.154 address (uc520).

I would like it to be setup where the outbound from each server goes out from the specified ip address.

For example,

We set up this translation:

Incoming: xx.xx.xx.155 -> through ports 25,80,443,21 using the nat translation commands.

We have observed that the outbound connections from are not going out through xx.xx.xx.155! Instead it shows going out from xx.xx.xx.154

Here, i would like to have the outbound from the mail server go out only through xx.xx.xx.154

Is there a similar translation to direct outbound traffic through the sepcified public address?

Will the static nat you mentioned take care of it?


Saurabh Verma Tue, 09/29/2009 - 05:42

What you've described, should set the NAT translations such that unique internal ipaddress/port# is tied to an external ipaddress/port#. Can you perform the following?

a) delete the static entries from UC 500 config

b) clear nat translations by executing "clear ip nat translation *"

c) reconfigure the static entries on UC 500

d) capture an output of "show ip nat translations"

Can you also provide version and configuration from the UC 500.


murtazashikarii Tue, 09/29/2009 - 15:31

Hi Saurabh,

I used a static nat translation and then used an accesslist for allowing only certain ports open for communication. Its been working ok so far but will let you know if i run into issuesagain.

Thanks for the help!

murtazashikarii Fri, 09/25/2009 - 09:35

another observation:

when i do a nslookup, i get the following:

> xx.xx.xx.154

*** can't find xx.xx.xx.154: Server failed

> xx.xx.xx.155

*** can't find xx.xx.xx.155: Server failed

Any ideas what is causing this?


This Discussion

Related Content