Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
843
Views
0
Helpful
1
Replies

Help me with NAT in ASA 8.4.2

Mohammed Makki Ali
Level 1
Level 1

‎06-27-2012 07:54 AM - edited ‎03-11-2019 04:23 PM

Hello..

I am trying to port forwarding Exchange 2010 OWA using ASA5505, wherever I used object NAT or Twice NAT it just doesn't work.... here is my config:

access-list outside-access remark "Exchange Server Access Rules"

access-list outside-access extended permit tcp any host <public x.x.x.11> eq smtp

access-list outside-access extended permit tcp any host <public x.x.x.11> eq https

object network exchange-smtp

host <private x.x.x.8>

nat (dmz,outside) static <public x.x.x.11> service tcp smtp smtp

exit

object network exchange-https

host <private x.x.x8>

nat (dmz,outside) static <public x.x.x.11> service tcp https https

exit

note that i use public ip  <public x.x.x.9> on the outside interface for PAT, so all hosts in the same private can access internet

thax

2 people had this problem
Labels:
0 Helpful
1 Reply 1

Mohammed Makki Ali
Level 1
Level 1

‎06-27-2012 09:32 AM

just figured it out...the soultion was simple after doing a packet tracer which is give me a packet drop due to acl rules I just reconfigured my acl to be like this:

access-list outside-access remark "Exchange Server Access Rules"

access-list outside-access extended permit tcp any host eq smtp

access-list outside-access extended permit tcp any host eq https

and it worked like charm..

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card