port forward on asa5510

Unanswered Question
Jul 19th, 2010
User Badges:

On of our customers is asking us to set up a port forward from port 587 to port 26 because his client uses verizion for their mail server.


What is the best way to set this up?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jennifer Halim Mon, 07/19/2010 - 14:16
User Badges:
  • Cisco Employee,

Here is an example:

Mail server: 192.168.1.5

NATed (public ip of mail server): 100.1.1.5


static (inside,outside) tcp 100.1.1.5 587 192.168.1.5 26 netmask 255.255.255.255


On the outside ACL, you would need to permit tcp any host 100.1.1.5 eq 587


In regards to port forwarding to port 26, not sure whether it is a typo because mail is normally on port 25, but you can always change it accordingly.


Hope that helps.

Nagaraja Thanthry Mon, 07/19/2010 - 14:17
User Badges:
  • Cisco Employee,

Hello,


Are you trying to do the port translation for the server which is on the

outside interface of your network? i.e. your client will send data to port

587 and when it exits your network, it should be converted to port 25? Or is

the other way around i.e. Verizon uses port 587 and your client wants to see

it as port 25?


Case 1: Client sends it to 587 and Verizon wants it on port 25


Static (outside,inside) tcp 0.0.0.0 587 0.0.0.0 25 netmask 255.255.255.255


Case 2: Client sends it to 25, but Verizon is using port 587


Static (outside,inside) tcp 0.0.0.0 25 0.0.0.0 587 netmask 255.255.255.255


Hope this helps.


Regards,


NT

Actions

This Discussion