Help me with NAT in ASA 8.4.2

Mohammed Makki Ali · ‎06-27-2012

Hello..

I am trying to port forwarding Exchange 2010 OWA using ASA5505, wherever I used object NAT or Twice NAT it just doesn't work.... here is my config:

access-list outside-access remark "Exchange Server Access Rules"

access-list outside-access extended permit tcp any host <public x.x.x.11> eq smtp

access-list outside-access extended permit tcp any host <public x.x.x.11> eq https

object network exchange-smtp

host <private x.x.x.8>

nat (dmz,outside) static <public x.x.x.11> service tcp smtp smtp

exit

object network exchange-https

host <private x.x.x8>

nat (dmz,outside) static <public x.x.x.11> service tcp https https

exit

note that i use public ip <public x.x.x.9> on the outside interface for PAT, so all hosts in the same private can access internet

thax

Mohammed Makki Ali · ‎06-27-2012

just figured it out...the soultion was simple after doing a packet tracer which is give me a packet drop due to acl rules I just reconfigured my acl to be like this:

access-list outside-access remark "Exchange Server Access Rules"

access-list outside-access extended permit tcp any host eq smtp

access-list outside-access extended permit tcp any host eq https

and it worked like charm..