Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Firewall Access problem

I have a specific need on our ASA 5510 and could use some guidance.

Currently our outside interface accepts SMTP from any source, via an access rule. NAT then forwards the inbound SMTP to an internal email gateway.

I now have a situation where I have two internal email gateways. I need inbound SMTP from a specific network, to be forwarded to internal gateway1, and all the rest of inbound SMTP traffic forwarded to internal gateway2.

I can't seem to find a way to do this with any combination of typical access rules or NAT rules.

I'm wondering if I'm just missing something simple or if I need to configure something more complex such as Modular Policy Framework (MPF) or perhaps go to multiple firewall contexts.

My networking vendors are saying I should just configure a second outside interface for the unique network out there, so that nromal access rules and NAT -would- work.

But with SMTP, I'm not sure that's feasable. If it is, I'd need assistance there.

(If there is a more appropriate forum on this site for this issue, let me know - I'm a newb here)

Fred

1 REPLY

Re: Firewall Access problem

Fred-

What is the unique network? Is publicly routable? is it a vendor extranet? Why does it need it's own email gateway?

110
Views
0
Helpful
1
Replies
CreatePlease to create content