I did configure ASA for remote VPN users to access internal Exchange server and sync with email system. And they should be able to access LAN servers using the VPN. Before we did configure two servers (10.10.10.170 and 10.10.10.112) for different service. Now we need to configure for remote VPN user to access our Exchange server (10.10.10.8) also they can ping. I configured it without SMTP and they can ping each other and when I configured with SMTP they can not ping also other site also unable to ping. I have marked my new configuration with color underline. Any help would be highly appreciated. Please have a look attachment my configuration.
Why you don just leave the ACL
access-list inside_nat0_outbound extended permit ip host 10.10.10.8 192.168.100.0 255.255.255.0 (Newly added this exchange IP It's ping each other )
With that ACL traffico from 10.10.10.8 to 192.168.100.0 will NOT be NATed.. This include ALL IP (ICMP TCP UDP ...etc) With the second line ONLY traffic from 10.10.10.8 to 192.168.100.0 on port 25 will be proccess by the not NAT.
The ACL es wrong for several reasons. First the Destination port is not 25... that would be the source port so I would be like
permit host 10.10.10.8 eq smtp 192.168.100.0 255.255.255.0
permit tcp host 10.10.10.8 192.168.100.0 255.255.255.0 eq smtp
Go aheah and work with the ACL ......permit ip host 10.10.10.8 192.168.100.0 255.255.255.0
Is That a problem?