Ok so, I have an ASA acting as a firewall for a bunch of hosted servers, including a bunch of Small Business servers. Each customer server is on its own vlan and is trunked into the ASA. My office mail server is on the inside interface.
Inside 192.168.1.0 =vlan1 my mail server at 192.168.1.5
trunk10 192.168.10.0 =vlan10 pat/nat to xxx.xxx.xxx.163
trunk20 192.168.20.0 =vlan20 pat/nat to xxx.xxx.xxx.164
trunk30 192.168.30.0 =vlan30 pat/nat to xxx.xxx.xxx.165
pat/nat rules are set up so that each customer has their own public ip for services they are running (https/mail mostly).
I've got some other stuff going on but that's the key config.
Everything works great except that hosted customers can't send me emails and vice versa, as well as inter-customer. I understand why that's not allowed but I need to get it to work in a scalable way without something crazy. Best I can tell I either need to route inter-customer mail internally and do a bunch on the exchange/dns side, or get the ASA to allow traffic on port 25 between the outside interface IPs.
Also if something above is totally jacked up let me know.