Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
357
Views
0
Helpful
1
Replies

NATTing experiment: Is this possible?

supercell29
Level 1
Level 1

‎11-12-2011 02:50 PM - edited ‎03-11-2019 02:49 PM

Hello,

    I will preface this discussion by saying that I'm not sure if this is even possible. On my 5520 I am trying to use one NAT to route all inbound traffic to one private ip (SMTP) and using the same NAT point all outbound traffic from another private ip (SMTP. See attachment). If not I guess I would have to create two separate NAT's (one inbound to outbound and a separate outbound to inbound).

Thank you in advance for your suggestions!

Labels:
Preview file
72 KB
Preview file
25 KB
0 Helpful
1 Reply 1

Maykol Rojas
Cisco Employee
Cisco Employee

‎11-12-2011 03:29 PM

If I understand correctly, I guess you can... however, SMTP Inbound connections of SMTP will always use the first NAT. Look at the example below:

object network smtp-server

host x.x.x.x

object network NAT-IP-1

host y.y.y.y

object network NAT-IP-2

host z.z.z.z

object service SMTP

service tcp destination eq 25

Nat (inside,outside) source static smtp-server NAT-IP-1 service SMTP SMTP

Nat (inside,outside) source dynamic smtp-server NAT-IP-2

That way, all inbound traffic for SMTP will use NAT-IP-1 and the rest of the outbound traffic from STMP server will use NAT-IP-2.

Let me know if that is what you needed.

Mike

Mike
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card