11-28-2007 01:49 PM - edited 03-11-2019 04:36 AM
I am trying to setup a port 25 redirect to an internal IP address. I have a pix firewall version 6.3 and I only want to redirect incoming email traffic on port 25 to an internal IP address located on my spam firewall. Does anyone have an idea on how I may accomplish this task?
11-28-2007 02:27 PM
static (inside,outside) tcp interface 25 10.1.1.1 25 netmask 255.255.255.255
access-list External permit tcp any host outside_interface_ip eq 25 log
access-group External in interface outside
Easy right?
11-28-2007 02:34 PM
Looks easy enough, however I am not too familiar with the command syntax with the pix firewall... I assume I type in each line as you have it above one line at a time? How would I un-do this if it did not work properly? Where do I insert the IP address which I want the incoming SMTP traffic to go to? Is there a way to set this up using the web interface and not the command prompt?
11-28-2007 02:59 PM
Peter,
you could do a no in front of those commands to remove them. There is a GUI interface if you like it -- PDM I think...
Satya
11-29-2007 08:50 AM
access-list External permit tcp any host outside_interface_"ip" eq 25 log
is "ip" where i put the internal ip address i want the smtp traffic to go to?
11-29-2007 09:12 AM
No, it is the ip that you are using to hit from the outside. If you are using the ip off the outside interface then you can do
access-list External permit tcp any host "outside_interface_ip" eq 25
or
access-list External permit tcp any host interface outside eq 25
11-29-2007 10:35 AM
static (inside,outside) tcp interface 25 10.1.1.1 25 netmask 255.255.255.255
so where do i enter the internal ip address which i want to forward the smtp traffic to then?
I assume it is in this line above somewhere?
do i replace the 10.1.1.1 with my ip address of my spam firewall?
11-29-2007 10:53 AM
Yes.
static (inside,outside) tcp interface 25 "spam.firewall.ip" 25 netmask 255.255.255.255
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: