Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
1274
Views
10
Helpful
6
Replies
de fl
Beginner
Beginner
‎01-15-2015 01:03 PM
‎01-15-2015 01:03 PM

NAT port 25 to 587 for an SMTP application

We have 2 network devices that use open relay (port 25, no authentication) to send status emails.  Our internal mail server requires authentication to send email over port 25.  How can we get these 2 devices to send email.  Can I forward the port 25 requests from the devices to port 587 on the mail server?  

Labels:
0 Helpful
1 ACCEPTED SOLUTION

Accepted Solutions
Jon Marshall
Hall of Fame Guru Hall of Fame Guru
Hall of Fame Guru
In response to de fl
‎01-15-2015 01:42 PM
‎01-15-2015 01:42 PM

Unfortunately that switch doesn't support NAT.

So unless you can insert a device that can between the clients and server you are not going to be able to do it, at least from a network perspective.

Jon

View solution in original post

0 Helpful
6 REPLIES 6
Jon Marshall
Hall of Fame Guru Hall of Fame Guru
Hall of Fame Guru
‎01-15-2015 01:19 PM
‎01-15-2015 01:19 PM

If you are asking can you translate the port then if you have the right equipment then yes.

If you are asking whether sending it to port 587 will mean the e-mail is accepted then no idea :-)

Assuming the first is there a router between the mail server you want to send the e-mails to and those sending the e-mails.

Need to understand the network layout.

Jon

de fl
Beginner
Beginner
In response to Jon Marshall
‎01-15-2015 01:28 PM
‎01-15-2015 01:28 PM

Thanks Jon!  We are trying to translate the port.  Both devices are internal.  The devices are on separate subnets with a Layer 3 switch in between, which is doing the routing.  

 

0 Helpful
Jon Marshall
Hall of Fame Guru Hall of Fame Guru
Hall of Fame Guru
In response to de fl
‎01-15-2015 01:31 PM
‎01-15-2015 01:31 PM

What is the L3 switch ie. what model.

The majority of L3 switches do not support NAT so you may be out of luck unless you can insert a firewall/router in between.

Jon

de fl
Beginner
Beginner
In response to Jon Marshall
‎01-15-2015 01:39 PM
‎01-15-2015 01:39 PM

Its a WS-C4900M running cat4500e-ipbase-mz.122-46

0 Helpful
Jon Marshall
Hall of Fame Guru Hall of Fame Guru
Hall of Fame Guru
In response to de fl
‎01-15-2015 01:42 PM
‎01-15-2015 01:42 PM

Unfortunately that switch doesn't support NAT.

So unless you can insert a device that can between the clients and server you are not going to be able to do it, at least from a network perspective.

Jon

View solution in original post

0 Helpful
Karsten Iwen
VIP Mentor VIP Mentor
VIP Mentor
‎01-15-2015 02:10 PM
‎01-15-2015 02:10 PM

Your plan is using the wrong tool for this tasks. For SMTP (TCP/25) authentication is optional and the mail-server could be configured to accept mails based on the source address of the two network-devices. But for submission (TCP/587) there MUST be an authentication (thats mandated by the RFC 4409). So you will also end up with the need to authenticate.

Have you also checked if you can upgrade the devices? Perhaps a newer software is capable of smtp-auth.


--
Don't stop after you've improved your network! Improve the world by lending money to the working poor
or share a meal with a hungry child.
0 Helpful
Latest Contents
SD-WAN Advanced Deployment | Part.1
Created by Mohamed Alhenawy on 04-16-2021 12:13 AM
0
10
0
10
Today I'm going to talk about SD-wan including SD-WAN advanced lab ,, first thing let's take a small brief about the SD_WAN.  What is SD-WAN?   SD-WAN is Software define wide area network and SD-WAN is key part of the technology o... view more
Cisco Meraki IoT specialist will introduce you to new and in...
Created by sullskog on 04-15-2021 01:09 AM
0
0
0
0
Leopold Fisher, Cisco Meraki IoT specialist, will introduce you to new and innovative additions to the Meraki portfolio coming in April 2021.         Meraki Vision Session MV smart camera range is getting big... view more
Dynamic Routing Protocols with IPv6: Configuration, Verifica...
Created by ciscomoderator on 04-13-2021 02:39 PM
0
5
0
5
To participate in this event, please use the  button to ask your questions Dynamic Routing Protocols & IPv6 Have any questions on dynamic routing protocols with IPv6? In this event we will answer all your questions related to dynamic routing pro... view more
SD-WAN Advanced Deployment | Part.1
Created by Mohamed Alhenawy on 04-13-2021 09:24 AM
0
10
0
10
Today I'm going to talk about SD-wan including SD-WAN advanced , first thing let's take a small brief about the SD_WAN.What is SD-WAN? SD-WAN is Software define wide area network and SD-WAN is key part of the technology of software-definednetworking ... view more
Living on the Edge with the Secure Cats
Created by almuench on 04-07-2021 01:34 PM
0
0
0
0
The cat's out of the bag! In October 2020, Cisco announced the Next Generation of Enterprising Routing Platforms: the Catalyst 8000 Edge Platforms Family including the Catalyst 8200, Catalyst 8300, Catalyst 8500, and Catalyst 8000V. The new family of Cats... view more
Content for Community-Ad