Alowing smtp port 25 from a DMZ through to the inside

[Helfenmir]

Hi All

I am new to this but learning. I have a good grasp of the concept but am lacking in commands. However, I am soon to go on a PIX course. Alas, until then, I need to get this working by Friday evening.

I have a server in a DMZ which needs to send a smtp message via our mail server through the inside network.

I need to allow port 25 through on the IP address
of my server residing in the DMZ through to the inside.

How do I do this please? I'm becoming a desperate man but I'm sure it can't be that difficult.

Many Thanks in anticipation

Helfenmir

 

[308win]

Give the inside server, in this case at 192.168.85.28 an address on the service net, w.x.y.z.

static (inside,service-net) w.x.y.z 192.168.85.28 netmask 255.255.255.255 0 0

Create ACL entry to allow the traffic through.
access-l servicenet-in permit tcp host w.x.y.dmz_server_wanting_to_send host w.x.y.z eq 25

Apply access list to interface.
access-g servicenet-in in interface service-net

Inb any case adjust the name of the service-net to reflect what you have used in your DMZ. If you all ready have an servicenet/dmz acl, then adjust the name I used.