ASA 5520

james.lwali — Tue, 12 Mar 2019 04:14:16 GMT

My device has 3 interfaces configured: inside, outside, DMZ. Right now I can access the Mail server from the Internet using domain name which is on DMZ interface. The issue here is when users they need to configure their Ms Outlook for Incoming mail server & outgoing mail server FQDM e.g (mail.test.com) the ms outlook failed to connect , but when using its internal IP address 10.10.1.5 which is Mail server IP address its working fine. Are there any special statements I need to add to the ASA such as nat or ACLs to make this work? My LAN is 192.168.1.0/24 and DMZ is 10.10.1.0/24. And My Mail server IP address is 10.10.1.5/24

The best way to remedy this

Marvin Rhoads — Sat, 24 May 2014 16:41:45 GMT

The best place to get firewall questions answered is the firewall forum.

However, the way to remedy this problem is to setup your DNS server so that it returns the 10.10.1.5 address when resolving the FQDN for internal clients. If that's not an option, then you could deploy a host file to them that statically sets it.

You could also put in a NAT rule that tells inside clients trying to hit the mail server public address to instead use the DMZ address but that's a bit of a hack.

topic ASA 5520 in Network Security

ASA 5520

The best way to remedy this