Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Nat of Smtp Server Connected to Core Switch-Firewall-Internet Router

i have a Smtp Server which is connected to my 6513which ip is 10.x.x.x, core switch(6513) which in turn connected to Firewall and then to Internet Router,

in which 218.248.x.x Access is there,now my requirement is i have to nat smtp to outside ,

Could u give me the command , i am able to ping smtp from Internet router

4 REPLIES

Re: Nat of Smtp Server Connected to Core Switch-Firewall-Interne

Hello!

You have a sample command line below, to be able to access your smtp server from internet

ip nat inside source static tcp "internal_IP" 25 "external_IP" 25 extendable

where "internal_IP" in your case is something with 10.x.x.x and "external_IP" one IP from your public range 218.248.x.x

I hope I understood correctly your problem. Tell me if this is working for you!

Cheers,

Calin

New Member

Re: Nat of Smtp Server Connected to Core Switch-Firewall-Interne

Thanks Calin

ip route 218.x.x.x 255.255.255.255 Null0

and given

ip nat inside source static tcp "internal_IP" 25 "external_IP" 25 extendable

i have configured it and i couldnt ping my

218.248.x.x from Smtp 10.x.x.x,

could you advise me, my purpose is to send mails from smtp to other mails like Gmail,Yahoo

Re: Nat of Smtp Server Connected to Core Switch-Firewall-Interne

Hello

Where do you have this ip route 218.x.x.x 255.255.255.255 Null0 and why?!

The nat (actually is a pat) command that I wrote to you, give you the possibility to access your smtp server from the internet. This is supposed to be applied on your Internet router (I assumed that this is Cisco).

To get out on the internet from your smtp router, you need to do the following on the Internet router:

"access-list 1 permit 10.x.x.x 0.0.0.255"

then

"ip nat inside source list 1 interface Gix/y overload"

where interface Gix/y (can be FastEthernet, Serial, etc...) is your connection to the Internet.

But still that ip route to Null0...I do not see any reason for that!

Good luck!

Calin

p.s. all sample config that you have to apply on the Internet router:

"access-list 1 permit 10.x.x.x 0.0.0.255"

then

"ip nat inside source list 1 interface Gix/y overload"

"ip nat inside source static tcp 10.x.x.x 25 218.248.x.x 25 extendable

New Member

Re: Nat of Smtp Server Connected to Core Switch-Firewall-Interne

hai calin,

ip route 218.x.x.x 255.255.255.255 Null0 is the command on my router,

i am getting internet thru pos link

interface GigabitEthernet1/1

switchport

switchport trunk allowed vlan 202

switchport mode trunk

no ip address

channel-group 1 mode on

!

interface GigabitEthernet1/2

switchport

switchport access vlan 202

switchport mode access

no ip address

!

interface GigabitEthernet1/3

switchport

switchport access vlan 202

switchport mode access

no ip address

!

interface GigabitEthernet1/4

ip address 218.248.6.222 255.255.255.224

AND

interface POS2/2/0

description "STM1 Link to Secunderabad NIB2 Router"

ip address 210.212.218.21 255.255.255.252

ip nat outside

encapsulation ppp

clock source internal

pos framing sdh

now the Gi 1/2 and 1/3 are connected to Firewall-CoreSwitch-Smtp

and from smtp-internet router ,twoway ping is happening

122
Views
0
Helpful
4
Replies