port forward on asa5510

Unanswered Question
Jul 19th, 2010

On of our customers is asking us to set up a port forward from port 587 to port 26 because his client uses verizion for their mail server.

What is the best way to set this up?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jennifer Halim Mon, 07/19/2010 - 14:16

Here is an example:

Mail server: 192.168.1.5

NATed (public ip of mail server): 100.1.1.5

static (inside,outside) tcp 100.1.1.5 587 192.168.1.5 26 netmask 255.255.255.255

On the outside ACL, you would need to permit tcp any host 100.1.1.5 eq 587

In regards to port forwarding to port 26, not sure whether it is a typo because mail is normally on port 25, but you can always change it accordingly.

Hope that helps.

Nagaraja Thanthry Mon, 07/19/2010 - 14:17

Hello,

Are you trying to do the port translation for the server which is on the

outside interface of your network? i.e. your client will send data to port

587 and when it exits your network, it should be converted to port 25? Or is

the other way around i.e. Verizon uses port 587 and your client wants to see

it as port 25?

Case 1: Client sends it to 587 and Verizon wants it on port 25

Static (outside,inside) tcp 0.0.0.0 587 0.0.0.0 25 netmask 255.255.255.255

Case 2: Client sends it to 25, but Verizon is using port 587

Static (outside,inside) tcp 0.0.0.0 25 0.0.0.0 587 netmask 255.255.255.255

Hope this helps.

Regards,

NT

Actions

This Discussion