cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1163
Views
0
Helpful
11
Replies

Config router and NAT for exchange

khhhhhhhh957
Level 1
Level 1

Hi,

Here is my problem :

I can send emails with exchange but I do not receive any mail and I do not have access to owa from the outside ..

Do you have any idea of ​​the problem?

11 Replies 11

Pranay Prasoon
Level 3
Level 3

is this the static NAT? Are you getting emails from outside on port 587?

ip nat inside source static tcp 192.168.0.205 25 217.11.45.106 587

Yes,

Here is the old configuration of my non-cisco router on which I based

Hi,

I would first suggest to take capture or test acl on outside interface in ingress direction on port 587 with log keyword and see if the traffic is coming. The NAT will only work if smtp traffic coming from outside is in dst port 587.

Tx

Hello

To add to Pranay comments

ip nat inside source static tcp 192.168.0.205 25 217.11.45.106 587 extendable
ip access-list extended DATA
 permit icmp 192.168.0.0 0.0.0.255 any
 permit tcp 192.168.0.0 0.0.0.255 any eq www 443 587 smtp 9233 389 443 587 1434 <---- Should be above

ip access-list extended LAN
 permit icmp any any
 permit tcp 192.168.0.0 0.0.0.255 192.168.20.0 0.0.0.255 eq www 443 587 smtp 9233 389 443 587 1434 <---- Should be above

route-map PBR permit 10
 match ip address DATA
 set ip next-hop 217.11.45.105 <---- what is this?

You have PBR going to 217.11.45.105 but your inside gloabl nat is 217.11.45.106, and these access-lists are the wrong way around, the more specific ACEs needs to be higher up in the stanza

First of all try amending your acl
ip access-list extended DATA
no 10
30 permit icmp 192.168.0.0 0.0.0.255 any
exit
ip access-list extended LAN
no 10
30 permit icmp any any
exit
ip access-list resequence DATA 10 10
ip access-list resequence LAN 10 10

res
Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Hi,

Thank you very much for your help.

This is my schéma and my configuration file. 

Do you think the configuration is ok with respect to the schema. ?

Everything seems to work except port forwarding

And this is my config file

Hello

You have a next-hop address of 217.11.45.106 however in you PBR stanza next hop is stating 217.11.45.105

route-map PBR permit 10
 match ip address DATA
 set ip next-hop 217.11.45.105 <---- what is this?

res
paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

The 105 is the ip address of the modem and the 106 is that of the router

Hello 

so your next hop is .106 -

can you please try changing the route-map next hop statement to .106

res

paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Hello

Thank you for your response. 

I also have to change that of the default route? ip route 0.0.0.0 0.0.0.0 217.11.40.105 to ip route 0.0.0.0 0.0.0.0 217.11.40.106 ?

Hello

please revert those changes - I have just noticed your attched file of router3

it shows two outside  interfaces with one dhcp enabled and two default static with no preference  between them

once you have reverted those changes can you do your this:

No ip route 0.0.0.0 0.0.0.0 192.1681.1

ip route 0,0,0,0 0.0.0.0 dhcp

then can you confirm which default if any should be the preferred path 

res

paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
Review Cisco Networking for a $25 gift card