03-14-2013 01:30 PM - edited 03-11-2019 06:14 PM
Hi,
I'm having a brainfart here on how to make this work. Inbound NAT I split SMTP/HTTPS on the same public IP going to different internal hosts. Outbound, I want any traffic being sent from my inside host for SMTP outbound to anywhere destined for SMTP to NAT to a specific public IP.
In pre-8.3, I would do the following:
access-list policy-nat permit tcp host 10.1.1.10 any eq smtp
nat (inside) 2 access-list policy-nat
global (outside) 2 1.2.3.4
How do I accomplish the same in 8.3+ NAT?
Thanks.
Solved! Go to Solution.
03-14-2013 01:54 PM
Hello,
The NAT should be like this:
object network obj-10.1.1.10
host 10.1.1.10
object network obj-1.2.3.4
host 1.2.3.4
!
object service obj-tcp-eq-25
service tcp destination eq smtp
!
nat (inside,outside) source dynamic obj-10.1.1.10 obj-1.2.3.4 service obj-tcp-eq-25 obj-tcp-eq-25
Hope it helps,
Juan Lombana
Please rate helpful posts.
03-14-2013 01:54 PM
Hello,
The NAT should be like this:
object network obj-10.1.1.10
host 10.1.1.10
object network obj-1.2.3.4
host 1.2.3.4
!
object service obj-tcp-eq-25
service tcp destination eq smtp
!
nat (inside,outside) source dynamic obj-10.1.1.10 obj-1.2.3.4 service obj-tcp-eq-25 obj-tcp-eq-25
Hope it helps,
Juan Lombana
Please rate helpful posts.
03-14-2013 02:10 PM
That worked. Thanks. First time I've run into having to do this on the new code.
03-14-2013 02:21 PM
Hey no worries, I am also taking the oportunity to share with you a very good doc about NAT on 8.3:
https://supportforums.cisco.com/docs/DOC-9129
Regards,
Juan Lombana
Please rate helpful posts.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide