01-06-2012 06:54 AM - edited 03-11-2019 03:11 PM
I have an issue, which I know what it is, do not know how to solve!!
On the inside interface and network, we have a server at, (as an example) 192.168.87.1, which acts as an email server.
The outside ip address of the ASA is, say, 200.0.0.1.
The ASA directs any imap requests from the outside interface to 192.168.87.1, which works fine from the outside. Users simply open up email, and collect emails etc.
Butt.. wwhen they come inside the office, their machine of course attempts to contact the ip address 200.0.0.1. the ASA knows it is outside interface, so they are unable to collect emails.
Any ideas as to how solve this issue, so that any internal IMAP requests from machines on the inside to 200.0.0.1 are directed to the machine inside on 192.168.87.1?
01-06-2012 07:31 AM
Hi,
Yes you would need to configure u-turning on the ASA for it, can you let me know the ASA version that you aere using???
If its pre 8.3 then this should be your config:
nat (inside) 1 0.0.0.0 0.0.0.0
global (inside) 1 interface
static (inside,inside) 200.0.0.1 192.168.87.1 norand nailed
same-security-trafic permit intra-interface
Hope it helps,
Thanks,
Varun
01-06-2012 08:11 AM
Version 8.2 (2)
Will the config redirect all traffic - i only want it to redirect imap
Mark
01-06-2012 08:33 AM
If you only want imap then you can use port forwarding:
static (inside,inside) tcp 200.0.0.1 143 192.168.87.1 143 norand nailed
Thanks,
Varun
01-06-2012 08:56 AM
Is there a easy way to do this via the graphical interface?
I tried enterting this via command line, and got told "invalid host"
It is highling the nailed part of the command!
01-06-2012 09:03 AM
Hi,
Its a bit difficult for me to explain it on the firum, how to do it through the GUI, but you can definitely refer the configuration guide for it:
http://www.cisco.com/en/US/docs/security/asa/asa84/asdm64/configuration_guide/about.html
Thanks,
Varun
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide