Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3368
Views
0
Helpful
20
Replies

NAT OUT EXCHANGE SERVER

Go to solution
Jesutofunmi O
Level 1
Level 1

‎09-15-2018 07:14 AM

Hello Guys, 

 

I have two IPs from my ISP. Only one is working now, connected to the outside interface of my ASA. I have tried to configure a static NAT to my Exchange Server all to no avail. I tried it with a web server and it worked just fine. How do I NAT out an exchange server with ASA FW 5515-x

Labels:
0 Helpful
20 Replies 20

Go to solution
Martin Carr
Level 4
Level 4
In response to Jesutofunmi O

‎09-18-2018 07:58 AM

For you to achieve what you want you need three NAT statements, which you have.

However, what you have done is use the same statements for the same network object, which is effectively just changing it (as you found).

You would need three network objects, i.e. Exchange443 etc.

Then create those statements using the respective service, so port 443 (HTTPS) in this example.

Network objects are always used within the ASA, the reason being is a change on an object will change it everywhere it's used.

Martin

 

 

0 Helpful

Go to solution
Jesutofunmi O
Level 1
Level 1
In response to Martin Carr

‎09-18-2018 08:14 AM

Alright. Thank you Martin. 

I will try it and feedback.

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP
In response to Jesutofunmi O

‎09-18-2018 08:44 AM

Hello,

 

as stated earlier, you probably need to translate and add to your access list TCP ports 80/110/143/443/587/993/995.

 

What is the result of packet tracer ?

0 Helpful

Go to solution
Jesutofunmi O
Level 1
Level 1
In response to Martin Carr

‎09-21-2018 04:32 AM

Hello Martin, Georg and Paul,

Thanks so much for your support. 

The issue all along was the NAT statement. Assuming the first NAT statement is NAT-ting out port 25, everytime I had tried to add another port (say 443), the new one removes the former. To connect to the mail server, I would at least need 443 and 25.

 

It is working now.

 

Much regards.

0 Helpful

Go to solution
Jesutofunmi O
Level 1
Level 1
In response to Martin Carr

‎09-21-2018 04:32 AM

Hello Martin, Georg and Paul,

Thanks so much for your support. 

The issue all along was the NAT statement. Assuming the first NAT statement is NAT-ting out port 25, every time I had tried to add another port (say 443), the new one removes the former. To connect to the mail server, I would at least need 443 and 25.

 

It is working now.

 

Much regards.

0 Helpful

Go to solution
Jesutofunmi O
Level 1
Level 1
In response to Martin Carr

‎09-21-2018 04:33 AM

Hello Martin, Georg and Paul,

Thanks so much for your support. 

The issue all along was the NAT statement. Assuming the first NAT statement is NAT-ting out port 25, every time I had tried to add another port (say 443), the new one removes the former. To connect to the mail server, I would at least need 443 and 25.

 

It is working now.

 

Much regards.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card