Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Single outside public - can I PAT out and NAT my SMTP server back in

Hello folks,

I have an ASA 5510, one public IP address on my outside interface, an internal email server and a private network.

I would like...

1: Users on my private network to be able to access the internet (PAT them to external outside address)

2: Email to be delivered to my MX (my single public IP address translated back to my internal email server.

i.e. can I share my single public IP address to serve translation in both directions (private users surfing the Internet (in-to-out) and an outside to inside NAT for email) ?

Email (MX) = 1.2.3.4

Public (outside) address = 1.2.3.4

Email server internal = 10.1.2.3

Internal private subnet for users = 10.0.0.0/8

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions

Re: Single outside public - can I PAT out and NAT my SMTP server

Hi Bro

Yes, your requirements can be fulfilled with Cisco ASA.

static (inside,outside) tcp interface 110 tcp 10.1.2.3 110 netmask 255.255.255.255

static (inside,outside) tcp interface 25 tcp 10.1.2.3 25 netmask 255.255.255.255

static (inside,outside) tcp interface 25 tcp 10.1.2.3 143 netmask 255.255.255.255

global (outside) 1 interface

nat (inside) 1 10.0.0.0 255.0.0.0

access-list inside permit ip any any

access-list outside permit ip any any

access-group inside in interface inside

access-group outside in interface outside

For more Microsoft application's port numbers, please refer to this URL http://support.microsoft.com/kb/832017

P/S: If you think this comment is useful, please do rate them nicely :-) and select the option “This Question is Answered”

Warm regards, Ramraj Sivagnanam Sivajanam Technical Specialist/Service Delivery Manager – Managed Service Department
1 REPLY

Re: Single outside public - can I PAT out and NAT my SMTP server

Hi Bro

Yes, your requirements can be fulfilled with Cisco ASA.

static (inside,outside) tcp interface 110 tcp 10.1.2.3 110 netmask 255.255.255.255

static (inside,outside) tcp interface 25 tcp 10.1.2.3 25 netmask 255.255.255.255

static (inside,outside) tcp interface 25 tcp 10.1.2.3 143 netmask 255.255.255.255

global (outside) 1 interface

nat (inside) 1 10.0.0.0 255.0.0.0

access-list inside permit ip any any

access-list outside permit ip any any

access-group inside in interface inside

access-group outside in interface outside

For more Microsoft application's port numbers, please refer to this URL http://support.microsoft.com/kb/832017

P/S: If you think this comment is useful, please do rate them nicely :-) and select the option “This Question is Answered”

Warm regards, Ramraj Sivagnanam Sivajanam Technical Specialist/Service Delivery Manager – Managed Service Department
221
Views
0
Helpful
1
Replies