Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Complex NAT Scenario

Here's my puzzler of a situation. I have an internal network with addresses in the 172.16 range that I must use NAT for to communicate with the internet. I want to intercept all requests for the SMTP service, regardless of the external IP address, and force the request to go to a specific external server. In other words, all outbound traffic must have the source address translated, and outbound SMTP traffic must also have the destination address translated. Any ideas?

1 REPLY
Bronze

Re: Complex NAT Scenario

!

interface

ip address 172.16.x.x 255.255.0.0

ip nat inside

!

interface

ip address x.x.x.x x.x.x.x

ip nat outside

!

access-list 100 permit ip 172.16.0.0 0.0.255.255 any

access-list 100 deny ip any any

access-list 101 permit tcp 172.16.0.0 0.0.255.255 any eq 25

access-list 101 deny ip any any

ip nat pool 1-SMTP netmask 255.255.255.0

ip nat inside source list 100 interface overload

ip nat outside source list 101 pool 1-SMTP

230
Views
0
Helpful
1
Replies
CreatePlease login to create content