Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SMTP and PAT

Hi all,

I have a customer with a netgear analogue router, a single legal ip and sbs4.5

Is it possible to collect smtp email through PAT if there is a pix involved?

It will be Server - PIX - Router. However will there be a problem with:

a) Timeouts (dialups taking a lot longer)

b) The server doing nat for the clients through Proxy, then the pix doing pat for the link to the Router then the router doing nat to the single legal ip.

c) If I have an acl to allow smtp in will it work with nat and global? Or should I have a static between two internal ip address's?

Hope that makes sense, cheers for any help!

Andy

3 REPLIES
Cisco Employee

Re: SMTP and PAT

If the router is doing PAT, then you have to set up a port address translation using port 25, and direct it to the PIX outside interface address. Then on the PIX, set up antoerh port address translation for port 25 and direct it to the internal SMTP server. On the PIX it will look like this (assuming the SMTP server's actual address is 10.1.1.1):

static (inside,outside) tcp interface 25 10.1.1.1 25 netmask 255.255.255.255

access-list 100 permit tcp any host 10.1.1.1 eq 25

access-group 100 in interface outside

or if you're using conduits, replace the last two lines above with:

conduit permit tcp host 10.1.1.1 eq 25 any

Timeouts, etc should be fine. I just set this up for a customer and it worked fine, just make sure both the router and the PIX are redirecting TCP port 25 internally to the right spot (the router to the PIX, then the PIX to the server).

New Member

Re: SMTP and PAT

I will give this a try and get back - thanks very much for your time.

cheers

Andy

New Member

Re: SMTP and PAT

It works. (never doubted for a sec..!)

cheers

ANdy

112
Views
0
Helpful
3
Replies
CreatePlease login to create content