Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

nat outside smtp traffic to internal server

Hi all. I have a probmem.

We want to point our external ip address of the PIX that currently accepts smtp traffic and point it to a different internal server.

We currently have the following:

nat (inside) 2 172.17.2.50 255.255.255.255 0 0

static (inside,outside) tcp 55.120.56.34 smtp 172.17.2.50 smtp netmask 255.255.255.255 0 0

aaa-server authinbound (inside) host 172.17.2.50 testkey timeout 10

The above is the current config and works fine. To point the smtp traffic to a new internal server, I did the following:

static (inside,outside) tcp 55.120.56.34 smtp 172.17.5.6 smtp netmask 255.255.255.255 0 0

Once I did that, the public ip of 55.120.56.34 was not pingable and I could not telnet using port 25. I did a clear xlate..and the same thing.

I can telnet to the 172.17.5.6 server using port 25 internall with no issue.

Does anyone know why this would not work?

1 REPLY
Silver

Re: nat outside smtp traffic to internal server

#1: does the pix have a route to get to

host 172.17.5.6?

#2: "clear xlate" will NOT work. This is a

KNOWN issue in some version of 7.x. You should

be using "clear localhost" instead.

113
Views
0
Helpful
1
Replies
CreatePlease to create content