04-01-2014 06:50 PM - edited 03-11-2019 09:01 PM
Dear all ,
how can we allow from inside telnet by name like ( telnet mail.xxx.com 25 ) , but if i'm at outside i can telnet mail.xxx.com 25 is working.
Best Regards,
Rechard
04-01-2014 08:02 PM
Dear all ,
do you have any advice?
Best Regards,
Rechard
04-02-2014 02:54 AM
The reason you are not able to use mail.xxx.com from the inside is because it is most likely resolving to a public IP address. To resolve this you can either adjust the FQDN to IP resolution in the DNS server so that it points to the private IP, or you can configure a NAT statement in the firewall that will translate requests for the public IP to the priave IP on port 25.
If the DNS server is located either on the Internet or on a different ASA interface you could use DNS rewrite so that all DNS requests for that server will be automatically translated to the private IP of the server.
--
Please remember to rate and select a correct answer
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide