02-07-2007 03:57 AM - edited 03-11-2019 02:30 AM
Hi,
I'm an IOS FW newbie, so please bear with me.
I have my mail server hosted on my LAN and NAT'ed thus:
ip nat inside source static tcp LAN-IP 25 interface FastEthernet0 25
ip nat inside source static tcp LAN-IP 110 interface FastEthernet0 110
access-list 109 permit tcp any host OUTSIDE-IP eq pop3
access-list 109 permit tcp any host OUTSIDE-IP eq smtp
Which works fine for external access but my problem is, as ever, salesmen. They use laptops on the road and connect to the LAN when in the office. Their mail config uses our mail (both out & in) which resolves to the external interface IP.
This doesn't work when they're in the office as they get a connection refused. I presume that this is because they are coming from a LAN address and trying to connect to the external (NAT'ed) address via the Firewall (twice). What do I need to do to allow this? Any suggestions gratefully received.
TIA
Regards,
Malcolm
02-07-2007 01:47 PM
You could set the name to the internal IP through DNS when connected inside.
On your internal DNS server, set the name to resolve to the internal IP. When on the outside, the sales people will use public DNS to get the correct name.
HTH and please rate
02-08-2007 02:42 AM
Thanks. This is, in fact, what I've done as a workaround, but it's a bit of a kludge - I'd rather have a router/FW based solution.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide