03-22-2004 04:24 AM - edited 03-02-2019 02:27 PM
Hi,
We have a Cisco 1700 with 2 x ADSL modules. (connecting to two different ISP's).
And a PIX 515 connected to the ethernet interface.
We are trying to configure a static incoming mapping for SMTP via the 2nd ADSL line. The static mapping is on the 2nd ADSL
line, mapping to an address on the 1st ADSL subnet. (this is another mapped address on the PIX)
The static mapping on the PIX works fine if you go to it directly (i.e. to the public address on the 1st ADSL line), but not
through the static mapping on the Cisco router. (2nd ADSL line).
The static SMTP mapping I am trying to get working on the PIX is 217.37.41.230. If i telnet to that directly on port 25 it
works. However I want mail to come in and go out of the other ADSL line, hence the static mapping. I cannot telnet to the
static mapping address (2nd ISP): 217.45.213.58 (port 25).
Currently www & FTP go via one line, and all other traffic go via the other.
Please help!
Please see router config below...
version 12.2
no service pad
service tcp-keepalives-in
service timestamps debug datetime
service timestamps log datetime localtime
no service password-encryption
!
hostname
!
logging buffered 65536 debugging
enable secret 5 blank
!
username all
memory-size iomem 20
ip subnet-zero
no ip source-route
!
!
no ip domain lookup
ip host pix 2005 9.9.9.9
!
!
!
interface Loopback0
ip address 9.9.9.9 255.255.255.0
!
interface ATM0
no ip address
no atm ilmi-keepalive
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
dsl operating-mode auto
!
interface ATM1
no ip address
no atm ilmi-keepalive
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 2
!
dsl operating-mode auto
!
interface FastEthernet0
ip address 193.128.179.62 255.255.255.248 secondary
ip address 217.37.41.238 255.255.255.240
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip policy route-map WWW+FTP
speed 100
full-duplex
no cdp enable
standby 1 ip 217.37.41.237
standby 1 preempt
standby 1 track Dialer2 20
!
interface Dialer1
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname blank
ppp chap password 0 blank
!
interface Dialer2
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip accounting output-packets
encapsulation ppp
dialer pool 2
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname blank
ppp chap password 0 blank
!
ip nat pool HTTP+FTP 193.128.179.57 193.128.179.57 netmask 255.255.255.248
ip nat inside source route-map nonat-smtp pool HTTP+FTP overload
ip nat inside source static tcp 217.37.41.230 25 217.45.213.58 25 extendable
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer2
no ip http server
no ip http secure-server
!
!
!
logging history debugging
logging trap debugging
logging source-interface FastEthernet0
logging 217.37.41.232
access-list 10 permit 80.177.53.46
access-list 10 permit 217.37.41.224 0.0.0.15
access-list 50 permit 80.177.53.46
access-list 50 permit 217.37.41.224 0.0.0.15
access-list 176 permit icmp any host 217.145.64.1
access-list 188 permit tcp 217.37.41.224 0.0.0.15 any eq www
access-list 188 permit tcp 217.37.41.224 0.0.0.15 any eq 443
access-list 188 permit ip 193.128.179.56 0.0.0.7 any
access-list 188 permit tcp host 217.37.41.230 any eq smtp
access-list 189 deny tcp host 217.37.41.225 any eq smtp
access-list 189 permit ip 217.37.41.224 0.0.0.15 any
dialer-list 1 protocol ip permit
no cdp run
!
route-map WWW+FTP permit 10
match ip address 188
set interface Dialer1
!
route-map WWW+FTP permit 15
!
route-map nonat-smtp permit 10
match ip address 189
!
snmp-server community blank RO 50
no snmp-server enable traps tty
03-26-2004 08:11 AM
You can use static maps with multiple route map mentioned in the following link
http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a0080087bac.html
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: