Hi,

We have a Cisco 1700 with 2 x ADSL modules. (connecting to two different ISP's).

And a PIX 515 connected to the ethernet interface.

We are trying to configure a static incoming mapping for SMTP via the 2nd ADSL line. The static mapping is on the 2nd ADSL

line, mapping to an address on the 1st ADSL subnet. (this is another mapped address on the PIX)

The static mapping on the PIX works fine if you go to it directly (i.e. to the public address on the 1st ADSL line), but not

through the static mapping on the Cisco router. (2nd ADSL line).

The static SMTP mapping I am trying to get working on the PIX is 217.37.41.230. If i telnet to that directly on port 25 it

works. However I want mail to come in and go out of the other ADSL line, hence the static mapping. I cannot telnet to the

static mapping address (2nd ISP): 217.45.213.58 (port 25).

Currently www & FTP go via one line, and all other traffic go via the other.

Please help!

Please see router config below...

version 12.2

no service pad

service tcp-keepalives-in

service timestamps debug datetime

service timestamps log datetime localtime

no service password-encryption

!

hostname

!

logging buffered 65536 debugging

enable secret 5 blank

!

username all

memory-size iomem 20

ip subnet-zero

no ip source-route

!

!

no ip domain lookup

ip host pix 2005 9.9.9.9

!

!

!

interface Loopback0

ip address 9.9.9.9 255.255.255.0

!

interface ATM0

no ip address

no atm ilmi-keepalive

pvc 0/38

encapsulation aal5mux ppp dialer

dialer pool-member 1

!

dsl operating-mode auto

!

interface ATM1

no ip address

no atm ilmi-keepalive

pvc 0/38

encapsulation aal5mux ppp dialer

dialer pool-member 2

!

dsl operating-mode auto

!

interface FastEthernet0

ip address 193.128.179.62 255.255.255.248 secondary

ip address 217.37.41.238 255.255.255.240

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat inside

ip policy route-map WWW+FTP

speed 100

full-duplex

no cdp enable

standby 1 ip 217.37.41.237

standby 1 preempt

standby 1 track Dialer2 20

!

interface Dialer1

ip address negotiated

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat outside

encapsulation ppp

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication chap callin

ppp chap hostname blank

ppp chap password 0 blank

!

interface Dialer2

ip address negotiated

no ip redirects

no ip unreachables

no ip proxy-arp

ip accounting output-packets

encapsulation ppp

dialer pool 2

dialer-group 1

no cdp enable

ppp authentication chap callin

ppp chap hostname blank

ppp chap password 0 blank

!

ip nat pool HTTP+FTP 193.128.179.57 193.128.179.57 netmask 255.255.255.248

ip nat inside source route-map nonat-smtp pool HTTP+FTP overload

ip nat inside source static tcp 217.37.41.230 25 217.45.213.58 25 extendable

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer2

no ip http server

no ip http secure-server

!

!

!

logging history debugging

logging trap debugging

logging source-interface FastEthernet0

logging 217.37.41.232

access-list 10 permit 80.177.53.46

access-list 10 permit 217.37.41.224 0.0.0.15

access-list 50 permit 80.177.53.46

access-list 50 permit 217.37.41.224 0.0.0.15

access-list 176 permit icmp any host 217.145.64.1

access-list 188 permit tcp 217.37.41.224 0.0.0.15 any eq www

access-list 188 permit tcp 217.37.41.224 0.0.0.15 any eq 443

access-list 188 permit ip 193.128.179.56 0.0.0.7 any

access-list 188 permit tcp host 217.37.41.230 any eq smtp

access-list 189 deny tcp host 217.37.41.225 any eq smtp

access-list 189 permit ip 217.37.41.224 0.0.0.15 any

dialer-list 1 protocol ip permit

no cdp run

!

route-map WWW+FTP permit 10

match ip address 188

set interface Dialer1

!

route-map WWW+FTP permit 15

!

route-map nonat-smtp permit 10

match ip address 189

!

snmp-server community blank RO 50

no snmp-server enable traps tty