Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Force route

We have a pix 501. I have a primary Ip on the outside interface of 68.x.x.21

I have a secondary IPaddress of 68.x.x.17 that handles incoming mail request. Tne problem is when I send mail through this pix the ip address shows up as 68.x.x.21 and not 68.x.x.17. I need the mail server to use the 17 address to send mail. I know the easy answer is to change the primary ip to the .17 but then I have to deal with external ftp servers we attach to that are setup to allow our ip address of .21

So wehat I need to do is force the mail server in my lan to send useing .17 instead of .21

Thanks

8 REPLIES
Hall of Fame Super Blue

Re: Force route

Hi

if you use the following statement

static (inside,outside) 68.x.x.17 "internal mail server ip" netmask 255.255.255.255

you don't need to worry about secondary addresses.

Jon

New Member

Re: Force route

Hi Jon

The static is already in there. In bound work fine but on outbound My mail still looks like it comes from the 21 address and not the 17. Is there a acl I need to put in.

Thanks

Stephen

Hall of Fame Super Blue

Re: Force route

Stephen

Shouldn't have to.

Can you post the NAT config from your firewall (santised)

Jon

New Member

Re: Force route

Hi Jon

Is this what you need. New at this so please bear with me.

Stephen

New Member

Re: Force route

Hi Jon

The static is already in there. In bound work fine but on outbound My mail still looks like it comes from the 21 address and not the 17. Is there a acl I need to put in.

Thanks

Stephen

New Member

Re: Force route

Since you configured the NAT statement, have you do a clear xlate or reboot the pix?

New Member

Re: Force route

static has Always been there. Reboots a plenty since setup of static. Still no joy

Hall of Fame Super Blue

Re: Force route

Stephen

Can you post full config + an output of

"sh xlate"

Jon

149
Views
0
Helpful
8
Replies
CreatePlease to create content