The following does not seem to work does anyone see any issues?
static (dmz,outside) tcp 207.164.X.X smtp 10.245.7.135 smtp netmask 255.255.255.255 0 0
static (dmz,outside) tcp 207.164.X.X http 10.245.7.234 80 netmask 255.255.255.255 0 0
Unfortunatly, i don't have answer for you...BUT I am having a similar port redirection problem. i will let you know if I fix my similar problem.
what does not work specifically? when you enter the second command, do you get an error? what other static and global statements do you have?
Basically when I have a normal 1 to 1 static NAT it works. Working meaning mail is flowing but as soon as I do the port redirection the pix takes the commands but mail does no longer flow, or HTTP cannot be connected to.
I'm not sure if it's something in the config but all I know it only stops responding with port redirection is turned on.
I completely agree with Mr. Ddialvo .I have faced similar problem but had to sacrifice one more public IP.I used one public IP and redirected port 25 and port 443 to respective internal and dmz servers.It worked for a while but after sometime it stoped receiving port 25 traffic.Poor chap ,I had to do 1 to 1 mapping for 25 and 443.Now with many people facing same problem,I am assured it's a BUG in Port redirection.Hope Cisco will resolve it.
did you configure the access-list correctly? Without and ACL on the outside interface there will be no incomming http or smtp traffic.
How about posting the whole config. so we can investigate the problem in more detail. Im using port redirection with no problems at all. Thanks.
Sounds like a good Idea but let me think about that? How can I display the config without compromising security?
Besides the 2 lines what did you do different?
I would rather tell you why my lines are different by looking at your config. Post it without passwords and last two octets of public ip's. Your lines look correct but if you are doing port redirection based on the outside interface, then you need to use "interface" as shown below.
static (dmz,outside) tcp interface smtp 10.245.7.135 smtp netmask 255.255.255.255 0 0