Solved: Re: FTD second IP Address

elopraha1 · ‎11-05-2021

I am configuring Cisco FTD 1100. Need to use three IP addresses on outside interface. Is there nay way how to do that?

Thank You

Jaromir

Marius Gunnerud · ‎11-06-2021

Then you would only need to NAT the second public IP to the SMTP server. If the second public IP is not in the same subnet as your FTD outside interface then you need to make sure that your ISP is routing that IP / subnet towards your FTD, then NAT will take care of the rest. The interface needs to be configured to perform proxy ARP, but this is enabled by default. So, unless you have made changes to this you should be all good to just configure NAT.

In addition you will need to configure access control policy rules to allow traffic to the SMTP server on port tcp/25.

--
Please remember to select a correct answer and rate helpful posts

View solution in original post

Marius Gunnerud · ‎11-05-2021

What will you be using the IPs for? NAT is one option

--
Please remember to select a correct answer and rate helpful posts

elopraha1 · ‎11-06-2021

I will use it for SMTP server.

Marius Gunnerud · ‎11-06-2021

Then you would only need to NAT the second public IP to the SMTP server. If the second public IP is not in the same subnet as your FTD outside interface then you need to make sure that your ISP is routing that IP / subnet towards your FTD, then NAT will take care of the rest. The interface needs to be configured to perform proxy ARP, but this is enabled by default. So, unless you have made changes to this you should be all good to just configure NAT.

In addition you will need to configure access control policy rules to allow traffic to the SMTP server on port tcp/25.

--
Please remember to select a correct answer and rate helpful posts

elopraha1 · ‎11-09-2021

Thank You
it Works. Nat has to be Auto NAT .

Jaromir

sherali mamatkarimov · ‎06-01-2024

can you share with config as image?