Cisco Support
English
Feedback Help
Cisco Support Community
Register
cancel
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
soshomile
soshomile
Community Member
‎02-06-2007 08:46 PM
‎02-06-2007 08:46 PM

Static IP

Dear All;

I have configured My Exchange server behind the firewall.

static (inside,outside) 202.X.X.43 172.16.0.55 netmask 255.255.255.255 0 0

on the other hand

global (outside) 2 202.X.X.43

nat (inside) 2 172.16.0.55 255.255.255.255 0 0

keeping in mind these settings......

now i want to define 1 Public IP for Exchange server for recevivng and sending.

please guide me.

Labels:
0 Helpful
Reply
2 REPLIES
zulqurnain
zulqurnain Bronze
Bronze
‎02-06-2007 09:35 PM
‎02-06-2007 09:35 PM

Re: Static IP

hello,

are you saying that you cannot send recevie any emails on exchange server after configuring what you did.

another question, after looking at your global and nat command it loooks like you are only making one IP to be natted which is trying to reach outside and it is your exchange server ip address.

therefore if that is that case then most likely you don't need global and nat all you need to do is configure static and have ACL to allow SMTP and POP3 on the outside interface like below

//to allow smtp

access-list acl_out permit tcp any host 202.X.X.43 eq smtp

//to allow pop3

access-list acl_out permit tcp any host 202.X.X.43 eq pop3

//to allow web access

access-list acl_out permit tcp any host 202.X.X.43 eq https

//to apply ACL on the outside interface

access-group acl_out in interface outside

HTH, please rate if it does

0 Helpful
Reply
rob.kennedy
rob.kennedy
Community Member
‎02-07-2007 08:13 AM
‎02-07-2007 08:13 AM

Re: Static IP

is 202.X.X.43 the public IP you want to use for your exchange server? If so the

static (inside,outside) 202.X.X.43 172.16.0.55 netmask 255.255.255.255 0 0

command is correct. You must then allow access on your outside access-list to the public IP for receiving and allow access on the private IP on your inside access-list for sending.

0 Helpful
Reply
Latest Documents
Snort IPS on ISR, ISRv and CSR - Step-By-Step Configuration
Created by Kureli Sankar on 04-19-2018 11:25 AM
0
0
0
0
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin... view more
Upgrade Chassis Manager (FXOS)
Created by Jeet Kumar on 02-23-2018 02:51 AM
2
15
2
15
    Login to the FXOS chassis manager. Direct your browser to https://hostname/, and log-in using the user-name and password.     Go to Help > About and check the current version:    Check the current version availa... view more
ASA 5506-X with ipv6 no access to internet
Created by Klaxel on 02-08-2018 01:25 AM
3
5
3
5
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6. In Syslog I also se... view more
All Documents
291
Views
0
Helpful
2
Replies
CreatePlease to create content
Discussion
Blog
Document
Video
Popular Blogs
AnyConnect Certificate Based Authentication.
Created by Marvin Ruiz on 08-27-2012 05:20 PM
36
70
36
70
BLOG (No Title)
Created by athukral on 06-14-2011 04:23 AM
15
35
15
35
Wireless Hacking
Created by Anim Saxena on 01-24-2013 07:56 AM
2
20
2
20
All Blogs