05-28-2013 03:39 PM - edited 03-11-2019 06:50 PM
Hello all
I have an issue, of two parts. The first part I believe I have figured out, just the second part I am unsure of. I have an ASA 5510, currently, there is a mailserver that is static NAT'ed to one of my ISP routed IPs (not the IP of my main Dynamic PAT/Outside interface). I need to convert this over to PAT for ports 25,80,443, etc (standard ports). I know I need to remove the static NAT statement and add in the PAT statements, but I need traffic from that machine to continue to go out the IP assigned to it by the static NAT.
E.G.
1.1.1.1 <- main public IP on outside interface, everything gets internet through this IP
1.1.1.2 <-> 10.10.10.10 static NAT to mailserver, secured with ACLs
I need to enable the mailserver to continue to appear to the world as living on 1.1.1.2, due to MX records and rDNS settings, etc...
The terminology for this setup escapes me at the moment. Any pointers?
Solved! Go to Solution.
05-28-2013 06:11 PM
Hello Mathew,
The PAT statements work bidirectionall. Lets say that you have statements for ports 25,80 and 443. The traffic generated from the server on those ports its still going to use the 1.1.1.2 IP for going out.
Let me know if you have any doubt or question.
-Eddy Duran
05-28-2013 06:11 PM
Hello Mathew,
The PAT statements work bidirectionall. Lets say that you have statements for ports 25,80 and 443. The traffic generated from the server on those ports its still going to use the 1.1.1.2 IP for going out.
Let me know if you have any doubt or question.
-Eddy Duran
05-31-2013 09:52 AM
I ended up having to put a dynamic nat to the inside host for the secondary outside IP. this allowed the traffic generated from the server to go out the correct public ip.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: