Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PAT internal to DMZ

Malaysia Biggest Internet provider recently announce that they will block port 25(SMTP) due to a lot of spam mail. (what a stupid provider).

i'm using ASA5510, i plan to create 2 rule to solve this issues.

1) create a PAT rule for outside 210.x.x.x:26 map to DMZ 172.x.x.x:25

2) create a PAT rule for inside 192.x.x.x:26 map to DMZ 172.x.x.x:25

3) change user smtp from 25 to 26.

while i will remain unchange for the mail server and email security.

The problem now is i using the ASDM 6.0 to configure, but i found the rules abit weird when do it through GUI.

can anyone of you help me to phrase this into command.


Re: PAT internal to DMZ

static (DMZ,outside) tcp 210.x.x.x 26 172.x.x.x 25 netmask

static (DMZ,inside)tcp 192.x.x.x 26 172.x.x.x 25 netmask

dont forget to permit port 26 to outermost IPs

CreatePlease to create content