Port Forwarding between two internal servers on an ASA 6.3
We are trying to set up email continuity through Mimecast. Part of the setup is Active Directory synchronization. In order for that to happen, the DC will need to communicate with Mimecast. Currently the DC does not have a public IP. We were told we can get around this by doing the following: As long as you have a NAT policy that includes the DC, you should be able to just create an ACL where the source is the Mimecast networks, coming in to your Exchange WAN IP, and then forwarding to the DC’s internal IP on 636.
So, if I understand this correctly, I will set up a connector at Mimecast with the public IP of the Exchange server. I will then set up a NAT rule on the ASA that forwards Exchange port 636 to DC port 636. Then create an ACL that allows communication from Mimecast public IPs to DC port 636?
Does that look correct, or am I totally off base? I just need assistance with the ASA part.
Most of our NAT'ing is done out on a LinkProof appliance.
Can you share the access-list and NAT configuration of the firewall, and also a network diagram which describes the locations of the DC, Exchange and Mimecast networks? I will certainly be able to help you if you provide this information.