Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PAT configuration on ASA 5512

Hi;

 

How can I configure the PAT on my 5512 to allow smtp traffic coming from the internet?  I have one public ip only, but I need direct the smtp, http traffic to two different server internal.

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Hi,It should be simple like

Hi,

It should be simple like this:-

Server 1 :- Private Ip1

Server 1 :- Private Ip2

Public IP

object network obj-Server1

host Private Ip1

nat (inside,outside) static Public IP service tcp smtp smtp

object network obj-Server2

host Private Ip2

nat (inside,outside) static Public IP service tcp http http

Also , remember to allow these ports in the ACL on the outside incoming traffic ACL.

Something like this:-

access-list Out-IN permit tcp any host Private Ip1 eq smtp

Thanks and Regards,

Vibhor Amrodia

 

1 REPLY
Cisco Employee

Hi,It should be simple like

Hi,

It should be simple like this:-

Server 1 :- Private Ip1

Server 1 :- Private Ip2

Public IP

object network obj-Server1

host Private Ip1

nat (inside,outside) static Public IP service tcp smtp smtp

object network obj-Server2

host Private Ip2

nat (inside,outside) static Public IP service tcp http http

Also , remember to allow these ports in the ACL on the outside incoming traffic ACL.

Something like this:-

access-list Out-IN permit tcp any host Private Ip1 eq smtp

Thanks and Regards,

Vibhor Amrodia

 

138
Views
0
Helpful
1
Replies
CreatePlease login to create content