Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PAT internal to DMZ

Malaysia Biggest Internet provider recently announce that they will block port 25(SMTP) due to a lot of spam mail. (what a stupid provider).

i'm using ASA5510, i plan to create 2 rule to solve this issues.

1) create a PAT rule for outside 210.x.x.x:26 map to DMZ 172.x.x.x:25

2) create a PAT rule for inside 192.x.x.x:26 map to DMZ 172.x.x.x:25

3) change user smtp from 25 to 26.

while i will remain unchange for the mail server and email security.

The problem now is i using the ASDM 6.0 to configure, but i found the rules abit weird when do it through GUI.

can anyone of you help me to phrase this into command.

1 REPLY

Re: PAT internal to DMZ

static (DMZ,outside) tcp 210.x.x.x 26 172.x.x.x 25 netmask 255.255.255.255

static (DMZ,inside)tcp 192.x.x.x 26 172.x.x.x 25 netmask 255.255.255.255

dont forget to permit port 26 to outermost IPs

105
Views
0
Helpful
1
Replies
CreatePlease to create content