Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

ASA 5510 NAT more config

Status
Not open for further replies.

jjfbcn

MIS
Apr 19, 2006
15
ES
Hi there again,

I have another question, I hope not to be abusing you!!

I want to send and receive e-mails from the same public IP, just for not to be blacklisted, but I want to redirect received e-mails to one INTERNAL server and configure the INTERNAL SMTP in another server. So, this way I should configure two static NAT mappings, one inbound and other outbound. The inbound should point to the smtp-antivirus in the DMZ and the outbound should translate an address from the LAN.

I've write these rules:

static (DMZ,Internet) tcp 111.22.33.44 smtp 192.168.21.41 smtp netmask 255.255.255.255
static (LAN,Internet) 111.22.33.44 192.168.11.33 netmask 255.255.255.255

But I receive a warning message when introducing the DMZ rule:
WARNING: mapped-address conflict with existing static

I don't know if that will work anyway or if there is another way better, may using ACL's...

Thank you!
 
static (DMZ,Internet) tcp 111.22.33.44 smtp 192.168.21.41 smtp netmask 255.255.255.255

access-list this_fo_smtp permit ip host 192.168.11.33 any
nat (LAN) 3 access-list this_fo_smtp
global (Internet) 3 111.22.33.44

 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top