Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
288
Views
0
Helpful
1
Replies

Cisco Router NAT Question

Tim Roelands
Level 1
Level 1

‎07-27-2010 08:44 AM - edited ‎03-04-2019 09:12 AM

Hi!

My Cisco 8xx is able to NAT any SMTP traffic from the outside to the inside mailserver using the following command:

(config)# ip nat inside source static tcp 192.168.10.100 25 int Dialer1 25

Works just fine, but I would like to tune the NAT rule a bit. This rule allows any source to forward trough the router on port 25. The mail we receive comes from a front-end server from our ISP. The use a small WAN IP-range for there servers, for example 77.88.99.20 to 77.88.99.50. For security reasons it would be great when I'm able to fine-tune the static NAT rule so only traffic received from IP 77.88.99.x will be forwarded trough the router. Is that possible? Or do I need a firewall to set this up, an ASA for example?

We are using a Cisco 867 router for the job. 

Labels:
0 Helpful
1 Reply 1

Tim Roelands
Level 1
Level 1

‎07-27-2010 10:59 AM

Well, I guess I need to apply some kind of an Access-list. Should it look like this;

(config)# access-list 105 permit tcp 77.88.99.0 0.0.0.255 192.168.10.100 0.0.0.0 eq 25

(config)# interface dialer1

(config-if)# ip access-group 105 in

??

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card