04-21-2008 04:39 AM - edited 03-05-2019 10:30 PM
Hi, I have been trying to configure a static PAT on a 1761 router to get to an SMTP server behind this router. I have configured it, but when I am trying to telnet to the IP address of the router (public) on port 25 I do not get anywhere, even though the log on the router shows that NAT is working.
.Apr 21 11:22:11: NAT: o: tcp (x.x.x.x, 1807) -> (y.y.y.y, 25) [44453]
.Apr 21 11:22:11: NAT: s=x.x.x.x, d=y.y.y.y->10.49.17.30 [44453]
.Apr 21 11:22:11: %SEC-6-IPACCESSLOGP: list 191 permitted tcp 10.49.17.30(25) -> x.x.x.x(1807), 1 packet
.Apr 21 11:22:11: NAT: i: tcp (10.49.17.30, 25) -> (x.x.x.x, 1807) [16029]
.Apr 21 11:22:11: NAT: s=10.49.17.30->y.y.y.y, d=x.x.x.x[16029]
x.x.x.x - my IP address, y.y.y.y - public IP of the router, 10.49.17.30 - the server I am trying to get to.
1761 IOS version is 12.3(5b)
I have attached the diagram of the network and the configuration of the router. Could someone help me please, as this issue is really driving me mad... :)
04-21-2008 06:29 AM
Anyone?
04-22-2008 12:27 AM
Ah yes ACL on the WAN interface allows all TCP connections on port 25 through.
If there are any questions - please ask.
Any takers?
04-30-2008 01:40 PM
Got it :)
CBAC was blocking traffic from the internal mail server to outside on the outside interface :)
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: