I'm trying to do something that should be simple. We are adding an anti-spam device to our network. Currently, the PIX is directing SMTP traffic to our Exchange server (10.0.0.6). I'm trying to now direct that SMTP traffic to the anti-spam device (10.0.0.25).
The PIX has an access rule and a translation rule. I have tried to change the IP address in both rules from 10.0.0.6 to 10.0.0.25. I continue to get a message when trying to change the access rule stating:
No Static Network Address Translation rule is configured for the destination host or network on interface outside. Would you like to add a static NAT rule for the host or network now?
I do so, but when returning to editing the access rule and clicking OK, the same message comes up, as if I have not added the NAT rule.
I have also tried to change the translation rule, but it will not allow the IP address of 10.0.0.6 to be changed. If I try to remove the translation rule, it states the following:
PDM has found that this operation will result in some security rules getting nullified. Please review your transaction/security rules before retrying this operation.
Where am I going wrong? The rules in place function with the existing mail server - just trying to change the internal IP that the mail gets routed to.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...