We have an ASA5510 that we need to open port 25 to allow mail traffic to our internal Exchange server.
We have 2 interfaces defined... one named Internal on eth0/3 with IP 10.1.x.x and one named Internet on eth 0/0 with IP 96.56.x.x.
We followed the instructions in ASDM for allowing access to a public server, but confusion over definitions has stopped us.
ASDM asks for the internal interface and the internal server IP... no problem there because the internal interface and server have two different IP addresses. The Internal interface is eth 0/3 (10.1.1.1) and the server is 10.1.1.2.
However, when we get to the External interface (eth 0/1) there is only a single IP address, 96.56.x.x, but the ASDM asks for an Interface IP and the IP people would use to get to the mail server from the outside. Inasmuch as we have only 1 external IP address (which connects to our upstream Cisco router, which in turn connects to the ISP modem), we used the same IP for both, but the ASDM returns an error indicating they must be different.
Apparently we do not have a clear understanding of what the ASDM is actually asking for. When the ASDM asks for the external interface, we assumed it was asking for the named value we gave the interface (which is Internet). The named value "Internet" has an IP associated with it, 96.56.x.x. But when the ASDM asks for the IP people on the outside would use to get to the mail server, we created a named value called "mail server" and gave it the same IP address as the external named value. This duplication of IP address causes the ASDM to return the error stating that the external interface to be used and the external IP to be used cannot be the same.
Have we made an error when we assumed that when the ASDM asked for the external interface it meant the IP of the external interface, or was it asking for the eth number (as in eth 0/0) for the interface?