Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

reidirect ip address for a protcol with ASA 5500

I have an issue, which I know what it is, do not know how to solve!!

On the inside interface and network, we have a server at, (as an example) 192.168.87.1, which acts as an email server.

The outside ip address of the ASA is, say, 200.0.0.1.

The ASA directs any imap requests from the outside interface to 192.168.87.1, which works fine from the outside. Users simply open up email, and collect emails etc.

Butt.. wwhen they come inside the office, their machine of course attempts to contact the ip address 200.0.0.1. the ASA knows it is outside interface, so they are unable to collect emails.

Any ideas as to how solve this issue, so that any internal IMAP requests from machines on the inside to 200.0.0.1 are directed to the machine inside on 192.168.87.1?

5 REPLIES
Red

reidirect ip address for a protcol with ASA 5500

Hi,

Yes you would need to configure u-turning on the ASA for it, can you let me know the ASA version that you aere using???

If its pre 8.3 then this should be your config:

nat (inside) 1 0.0.0.0 0.0.0.0

global (inside) 1 interface

static (inside,inside) 200.0.0.1 192.168.87.1 norand nailed

same-security-trafic permit intra-interface

Hope it helps,

Thanks,

Varun

Thanks, Varun Rao Security Team, Cisco TAC
New Member

reidirect ip address for a protcol with ASA 5500

Version 8.2 (2)

Will the config redirect all traffic - i only want it to redirect imap

Mark

Red

reidirect ip address for a protcol with ASA 5500

If you only want imap then you can use port forwarding:

static (inside,inside) tcp 200.0.0.1 143 192.168.87.1 143 norand nailed

Thanks,

Varun

Thanks, Varun Rao Security Team, Cisco TAC
New Member

Re: reidirect ip address for a protcol with ASA 5500

Is there a easy way to do this via the graphical interface?

I tried enterting this via command line, and got told "invalid host"

It is highling the nailed part of the command!

Red

reidirect ip address for a protcol with ASA 5500

Hi,

Its a bit difficult for me to explain it on the firum, how to do it through the GUI, but you can definitely refer the configuration guide for it:

http://www.cisco.com/en/US/docs/security/asa/asa84/asdm64/configuration_guide/about.html

Thanks,

Varun

Thanks, Varun Rao Security Team, Cisco TAC
490
Views
15
Helpful
5
Replies