Cisco Router NAT Question

Unanswered Question
Jul 27th, 2010
User Badges:


My Cisco 8xx is able to NAT any SMTP traffic from the outside to the inside mailserver using the following command:

(config)# ip nat inside source static tcp 25 int Dialer1 25

Works just fine, but I would like to tune the NAT rule a bit. This rule allows any source to forward trough the router on port 25. The mail we receive comes from a front-end server from our ISP. The use a small WAN IP-range for there servers, for example to For security reasons it would be great when I'm able to fine-tune the static NAT rule so only traffic received from IP 77.88.99.x will be forwarded trough the router. Is that possible? Or do I need a firewall to set this up, an ASA for example?

We are using a Cisco 867 router for the job. 

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Tim Roelands Tue, 07/27/2010 - 10:59
User Badges:

Well, I guess I need to apply some kind of an Access-list. Should it look like this;

(config)# access-list 105 permit tcp eq 25

(config)# interface dialer1

(config-if)# ip access-group 105 in



This Discussion