05-28-2013 03:39 PM - edited 03-11-2019 06:50 PM
Hello all
I have an issue, of two parts. The first part I believe I have figured out, just the second part I am unsure of. I have an ASA 5510, currently, there is a mailserver that is static NAT'ed to one of my ISP routed IPs (not the IP of my main Dynamic PAT/Outside interface). I need to convert this over to PAT for ports 25,80,443, etc (standard ports). I know I need to remove the static NAT statement and add in the PAT statements, but I need traffic from that machine to continue to go out the IP assigned to it by the static NAT.
E.G.
1.1.1.1 <- main public IP on outside interface, everything gets internet through this IP
1.1.1.2 <-> 10.10.10.10 static NAT to mailserver, secured with ACLs
I need to enable the mailserver to continue to appear to the world as living on 1.1.1.2, due to MX records and rDNS settings, etc...
The terminology for this setup escapes me at the moment. Any pointers?
Solved! Go to Solution.
05-28-2013 06:11 PM
Hello Mathew,
The PAT statements work bidirectionall. Lets say that you have statements for ports 25,80 and 443. The traffic generated from the server on those ports its still going to use the 1.1.1.2 IP for going out.
Let me know if you have any doubt or question.
-Eddy Duran
05-28-2013 06:11 PM
Hello Mathew,
The PAT statements work bidirectionall. Lets say that you have statements for ports 25,80 and 443. The traffic generated from the server on those ports its still going to use the 1.1.1.2 IP for going out.
Let me know if you have any doubt or question.
-Eddy Duran
05-31-2013 09:52 AM
I ended up having to put a dynamic nat to the inside host for the secondary outside IP. this allowed the traffic generated from the server to go out the correct public ip.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide