NAT different for outgoing mail
03-31-2008 04:12 PM - edited 03-11-2019 05:25 AM
I currently am NAT'ing all RFC-1918 addresses out the firewall to the Internet. However, I want outgoing mail to appear to originate from a different IP.
So, 10.0.0.1 NATs out as 1.1.1.50
10.0.0.2 (a mail server) should browse the Internet appearing to be 1.1.1.50
10.0.0.2 should connect to remote tcp/25 appearing to be from 1.1.1.75
Any way to accomplish this?
Labels: NGFW Firewalls
04-01-2008 03:38 AM
I am sure it can be done. Create an access list for the e-mail traffic and a separate one for other traffic, and apply each to a different nat statement. The syntax for the nat is a bit different for a router or PIX/ASA (you don't say which you have), but it is broadly the same technique.
Hope this helps.
Regards,
Iain
04-01-2008 07:35 AM
Sorry, the system is an ASA 5500.

04-01-2008 01:04 PM
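! General NAT for 10.0.0.1
nat (inside) 1 10.0.0.1 255.255.255.255
global (outside) 1 1.1.1.50
! Mail server, outbound SMTP only: entered first so it is matched before the broader rule
access-list def permit tcp host 10.0.0.2 any eq 25
nat (inside) 20 access-list def
global (outside) 20 1.1.1.75
! Mail server, all other traffic
access-list abc permit ip host 10.0.0.2 any
nat (inside) 10 access-list abc
global (outside) 10 1.1.1.50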
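An added sketch (not from the thread and not Cisco code) that models the ACL-based nat rules above as an ordered list, assuming first-match evaluation, to check which public address each flow from the thread gets and to flag a rule hidden behind a broader one. The `Rule` class and the function names are hypothetical.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class Rule:
    name: str              # ACL name used in the thread
    src: str               # inside host the ACL matches
    proto: Optional[str]   # None stands for "ip" (any protocol)
    dport: Optional[int]   # None stands for any destination port
    mapped: str            # global address the rule translates to

# Rules taken from the configuration in the thread.
SMTP = Rule("def", "10.0.0.2", "tcp", 25, "1.1.1.75")
GENERAL = Rule("abc", "10.0.0.2", None, None, "1.1.1.50")
DEFAULT_GLOBAL = "1.1.1.50"   # plain "nat 1" / "global 1" pair

def matches(rule: Rule, src: str, proto: str, dport: int) -> bool:
    return (rule.src == src
            and rule.proto in (None, proto)
            and rule.dport in (None, dport))

def translate(rules: List[Rule], src: str, proto: str, dport: int) -> Tuple[str, str]:
    """Return (rule name, translated source). Assumption: first match wins."""
    for rule in rules:
        if matches(rule, src, proto, dport):
            return rule.name, rule.mapped
    return "nat 1", DEFAULT_GLOBAL

def shadowed(rules: List[Rule]) -> List[str]:
    """Names of rules that can never match because an earlier rule covers them."""
    hidden = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if (earlier.src == later.src
                    and earlier.proto in (None, later.proto)
                    and earlier.dport in (None, later.dport)):
                hidden.append(later.name)
                break
    return hidden

if __name__ == "__main__":
    for label, order in (("general first", [GENERAL, SMTP]),
                         ("SMTP first", [SMTP, GENERAL])):
        print(label, "| shadowed:", shadowed(order))
        for flow in (("10.0.0.2", "tcp", 25), ("10.0.0.2", "tcp", 443),
                     ("10.0.0.1", "tcp", 80)):
            print("  ", flow, "->", translate(order, *flow))
```

On the firewall itself, `show xlate` after sending test traffic shows which global address each connection actually received.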
