Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT different for outgoing mail

I currently am NAT'ing all RFC-1918 addresses out the firewall to the Internet. However, I want outgoing mail to appear to originate from a different IP.

So, 10.0.0.1 NATs out as 1.1.1.50

10.0.0.2 (a mail server) should browse Internet appearing to be 1.1.1.50

10.0.0.2 should connect to remote tcp/25 appearing to be from 1.1.1.75

Any way to accomplish this?

3 REPLIES
New Member

Re: NAT different for outgoing mail

I am sure it can be done. If you create an access list for the e-mail traffic, and a separate one for other traffic, and apply each to a different nat statement. The syntax for the nat is a bit different for a router or PIX/ASA,you don't say which you have, but is broadly the same technique.

Hope this helps.

Regards,

Iain

New Member

Re: NAT different for outgoing mail

Sorry, the system is an ASA 5500.

Cisco Employee

Re: NAT different for outgoing mail

nat (inside) 1 10.0.0.1

global (outside) 1 1.1.50

access-l abc permit ip host 10.0.0.2 any

nat (inside) 10 access-l abc

global (outside) 10 1.1.1.50

access-l def permit tcp host 10.0.0.2 any eq 25

nat (inside) 20 access-l def

global (outside) 20 1.1.1.75

113
Views
0
Helpful
3
Replies
CreatePlease to create content