I have 3 interfaces in my PIX, Inside, Public and DMZ. I have a host (192.168.1.111) in the DMZ that needs to relay mail to a smart host on the internet. However, the smart host only accepts connections from certain addresses. Public interface's address is one of them. So I've set up an ACL, applied it to the interface.
Now I have to NAT/PAT the traffic, since the smart host only accepts connections from the Public interface.
global (Public) 1 interface
nat (DMZ) 1 192.168.1.111 255.255.255.255
However, it still doesn't work. It says connection is refused. So, I wonder if I have missed something. Our main server sends out fine, but the Inside ACL is a lot less restrictive so I really don't know who's at fault, me or the smart host.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...