
VPN help: SMTP/RDP traffic

PETER KNOWLES
Level 1

Is it possible to allow traffic to come into the WAN port from an unencrypted source (such as SMTP or RDP to our server from the Internet), as well as from an encrypted source (SMTP/RDP from a client on the remote side of a LAN-to-LAN VPN)?

Our router is allowing SMTP from the Internet. VPN tunnel is up and passing all traffic except where we have NAT statements that redirect traffic from the Internet to the SMTP server.

Pertinent code snips:

NAT statement for general inbound SMTP:

ip nat inside source static tcp 192.168.1.5 25 (public ip) 25 extendable

ACL line of access list on WAN port:

access-list 150 permit tcp any host (public ip) eq smtp

Access list for traffic LAN-to-LAN:

access-list 103 permit ip 192.168.1.0 0.0.0.255 192.168.7.0 0.0.0.255

What else is needed to pass SMTP LAN-to-LAN?

Thank you.


wong34539
Level 6

This document addresses and provides a solution to the problem of why a successfully established IPsec tunnel from a Cisco VPN Client to a PIX is unable to pass data.

http://www.cisco.com/warp/public/110/ipsec_tun_pass_data.html