Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA NAT Question

Hi,

I am facing this scenario.

Mail Server on LAN (behind ASA5510) is Pri.IP.Add.1 with SMTP on port 25.

This is to be NATed to Pub.IP.Add.1 from ISP 1 on port 25.

Also to be NATed to Pub.IP.Add.2 from ISP 2 on port 26 (with port forwarding).

Can anybody guide as to how this can be achieved on ASA v7.2?

Thanks in Advance.

2 REPLIES
Gold

Re: ASA NAT Question

If I understand correctly we talk about direction outside-->dmz

so scenario should be following

static (dmz,outside) tcp Pub.IP.Add.1 25 Pri.IP.Add.1 25 netmask 255.255.255.255

static (dmz,outside) tcp Pub.IP.Add.2 26 Pri.IP.Add.1 25 netmask 255.255.255.255

You need also modify the outside ACL

M.

New Member

Re: ASA NAT Question

hi M.Sir,

Tried the suggestion. However it doesn't work. It gives me error, when I try creating the second rule, stating the static translation to port 25 already exists. Any other suggestions?

Thanks again.

116
Views
0
Helpful
2
Replies