
New Member

DNS - Email-NAT issue

I am running a Cisco 831 with fastethernet 4 used as a DMZ port (ethernet 2). My ISP gave me a /29 network. Of the 6 usable IPs, one is assigned to the ISP's device and one to ethernet 1 on my 831. Because of this, I am using static NAT to map the other 4 to the private IPs (172.17.1.0/24) of servers on the DMZ. One of the servers (172.17.1.3) is MX 10 for the domain and another (172.17.1.5) is MX 20 for the same domain. Everything works OK except for this:

When MX 20 (172.17.1.5) tries to forward email to MX 10, it performs a DNS lookup and receives the registered IP for MX 10 (69.2.x.x, which is static NATed to 172.17.1.3). When it tries to connect to 69.2.x.x, the connection is refused. From MX 20, I can telnet to MX 10 with "telnet 172.17.1.3 25" and connect, but if I go "telnet 69.2.x.x 25" the connection is refused.

I hope this explains the problem clearly. Does anyone have any suggestions as how I can work around this?

1 REPLY
Cisco Employee

Re: DNS - Email-NAT issue

I think the easiest solution will be to use the local hosts file on your MX10 server and have an entry with the private IP address of MX20.

In that way the MX10 need not resolve the MX20 hostname to a public address.

Other than that, you have to use some routing, or policy routing etc., to get around this.
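A check for the hosts-file workaround suggested in the reply, as an added example that is not part of the original thread: it parses hosts-file text on the sending mail server and reports whether the peer MX name resolves to its DMZ address or still falls through to the statically NATed public one. The hostname `mx10.example.com`, the stand-in public address `203.0.113.3` (the thread only gives 69.2.x.x), and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample hosts file; the hostname and layout are illustrative.
SAMPLE_HOSTS = """\
127.0.0.1    localhost
# peer MX reached directly on the DMZ, bypassing the NATed public address
172.17.1.3   mx10.example.com mx10
"""

def parse_hosts(text):
    """Return {hostname: ip} from hosts-file text (assumed: first match wins)."""
    table = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                           # skip malformed entries
        for name in fields[1:]:
            table.setdefault(name.lower(), ip)
    return table

def check_override(hosts_text, peer_name, private_ip, public_ip):
    """Classify how peer_name will be reached from this host.

    'ok'      : entry points at the peer's private DMZ address
    'hairpin' : entry points at the NATed public address (refused in the thread)
    'missing' : no entry, so DNS will hand back the public address
    'wrong'   : entry exists but matches neither address
    """
    ip = parse_hosts(hosts_text).get(peer_name.lower())
    if ip is None:
        return "missing"
    if ip == ipaddress.ip_address(private_ip):
        return "ok"
    if ip == ipaddress.ip_address(public_ip):
        return "hairpin"
    return "wrong"

if __name__ == "__main__":
    print(check_override(SAMPLE_HOSTS, "mx10.example.com",
                         "172.17.1.3", "203.0.113.3"))
```

The mail server only benefits if its resolver consults the hosts file before DNS when looking up the delivery target, so confirm the lookup order on that host.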
