Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
176
Views
0
Helpful
1
Replies

ASA 5520

james.lwali
Level 1
Level 1

‎05-23-2014 06:26 AM - edited ‎03-11-2019 09:14 PM

My device has 3 interfaces configured: inside, outside, DMZ.  Right now I can access the Mail server from the Internet using domain name which is on DMZ interface. The issue here is when users  they need to configure their Ms Outlook for Incoming mail server & outgoing mail server  FQDM e.g (mail.test.com) the ms outlook failed to connect , but when using its internal IP address 10.10.1.5 which is Mail server IP address its working fine. Are there any special statements I need to add to the ASA such as nat or ACLs to make this work?  My LAN is 192.168.1.0/24 and DMZ is 10.10.1.0/24. And My Mail server IP address is 10.10.1.5/24 

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-24-2014 09:41 AM

The best place to get firewall questions answered is the firewall forum.

However, the way to remedy this problem is to setup your DNS server so that it returns the 10.10.1.5 address when resolving the FQDN for internal clients. If that's not an option, then you could deploy a host file to them that statically sets it.

You could also put in a NAT rule that tells inside clients trying to hit the mail server public address to instead use the DMZ address but that's a bit of a hack.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card