Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
737
Views
3
Helpful
2
Replies

Mail Server access Internal->external->internal

msommerville
Level 1
Level 1

‎02-07-2007 03:57 AM - edited ‎03-11-2019 02:30 AM

Hi,

I'm an IOS FW newbie, so please bear with me.

I have my mail server hosted on my LAN and NAT'ed thus:

ip nat inside source static tcp LAN-IP 25 interface FastEthernet0 25

ip nat inside source static tcp LAN-IP 110 interface FastEthernet0 110

access-list 109 permit tcp any host OUTSIDE-IP eq pop3

access-list 109 permit tcp any host OUTSIDE-IP eq smtp

Which works fine for external access but my problem is, as ever, salesmen. They use laptops on the road and connect to the LAN when in the office. Their mail config uses our mail (both out & in) which resolves to the external interface IP.

This doesn't work when they're in the office as they get a connection refused. I presume that this is because they are coming from a LAN address and trying to connect to the external (NAT'ed) address via the Firewall (twice). What do I need to do to allow this? Any suggestions gratefully received.

TIA

Regards,

Malcolm

Labels:
0 Helpful
2 Replies 2

Collin Clark
VIP Alumni
VIP Alumni

‎02-07-2007 01:47 PM

You could set the name to the internal IP through DNS when connected inside.

On your internal DNS server, set the name to resolve to the internal IP. When on the outside, the sales people will use public DNS to get the correct name.

HTH and please rate

msommerville
Level 1
Level 1
In response to Collin Clark

‎02-08-2007 02:42 AM

Thanks. This is, in fact, what I've done as a workaround, but it's a bit of a kludge - I'd rather have a router/FW based solution.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card