Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
307
Views
0
Helpful
3
Replies

Cisco ASA - Second public ip network map and open smtp port

BBCHIT2015
Level 1
Level 1

‎10-20-2015 03:49 PM - edited ‎03-11-2019 11:46 PM

Hi I am in the process of replacing a cisco router with ASA and want to configure ASA accordingly

Public interface (G0/0) has been configured with 3 sub-interface(0.612, 0.613, 0.608). Dynamic NAT has been configured on 0.612 and it is working.

612 has secondary IP configured on router which maps additional public IP address range to our network. which i don't know how to apply on ASA.

I want to open port 25 (smtp) on interface 0.612 to mail server. I tried ACL and NAT using interface but didn't work.

Is there any way to do this.

also want to assign static NAT for terminal server using a spare public IP from second network pool. (192.168.200.11) .  which doesn't work either.

 

 

Labels:
0 Helpful
3 Replies 3

rvarelac
Level 7
Level 7

‎10-20-2015 05:58 PM

Hi BBCHIT2015

 

Have you tried a configuration as below:

 

access-list SMTP-ALLOW permit tcp any any eq 25 

access-group <interface name> in 

 

You can run a packet-tracer to validate the ACL is being used.

 

 

Hope it helps

-Randy-

0 Helpful

BBCHIT2015
Level 1
Level 1
In response to rvarelac

‎10-20-2015 06:14 PM

Hi Randy

I tried applying this ACL on port 612 but didn't work. Do i need to configure NAT static interface for mail server?

Regards
Akki...

 

0 Helpful

rvarelac
Level 7
Level 7
In response to BBCHIT2015

‎10-21-2015 09:31 AM

A port forwarding should work as well. 

 

See an example blow. 

http://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/118996-config-asa-00.html

 

-Randy- 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card