Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

forwarding smtp to a different internal IP

I have an ASA 5520, and I need to take all traffic from one external IP, and move it to an internal IP, except SMTP, which i need to forward to a different Internal IP. For example, I have nat set so that 64.64.64.64 external NATs to 10.10.10.10, but I need all SMTP traffic from 64.64.64.64 dirrect to 10.10.10.11. Any help would be greatly appreciated. Also, I prefer to use ASDM, because I am not very savy, so please be easy on me.

3 REPLIES

Re: forwarding smtp to a different internal IP

Use Static Policy NAT Rules for each protocol - port that you want to open.

examples:

NAT http://www.cisco.com/univercd/cc/td/doc/product/netsec/secmgmt/asdm/v_5_2/user/nat.htm

Users Guide:

http://www.cisco.com/univercd/cc/td/doc/product/netsec/secmgmt/asdm/v_5_2/user/index.htm

sincerely

Patrick

Community Member

Re: forwarding smtp to a different internal IP

The problem I am having is, it is not allowing me forward port 25 to one internal IP, while forwarding port 80 to a different internal IP. External IP is the same in both cases.

Community Member

Re: forwarding smtp to a different internal IP

You cannot have a static for the whole ip and then port translate on top of that. Remove the existing static then port translate other statics.

no static (inside,outside) 64.64.64.64 10.10.10.10 netmask 255.255.255.255

then add statics for ports to 10.10.10.10

static (inside,outside) tcp 64.64.64.64 80 10.10.10.10 80 netmask 255.255.255.255

static (inside,outside) tcp 64.64.64.64 443 10.10.10.10 443 netmask 255.255.255.255

etc.

then add static for smtp to 10.10.10.11

static (inside,outside) tcp x.x.x.x 25 10.10.10.11 25 netmask 255.255.255.255

281
Views
0
Helpful
3
Replies
CreatePlease to create content