05-09-2018 06:07 PM - edited 03-08-2019 02:58 PM
At location 1. Outgoing TCP port 25 is blocked from my ISP. Can I use 2 ASAs to tunnel that traffic to second ASA and then to the internet? Is there any possibility that this is gonna work?. See the picture please. I need to send an email from switch running EEM.
MY IDEA:
ASA 1:
object network SWITCH-POE
host 192.168.200.251
object network SMTP-SEZNAM
host 77.75.76.48
object network porici-public
host 88.100.63.27
object service smtp-port
service tcp destination eq smtp
object service change-port
service tcp destination eq 26
nat (inside,outside) source static SWITCH-POE SWITCH-POE destination static SMTP-SEZNAM porici-public service smtp-port change-port
ASA 2:
object network public-chicago
host 68.72.16.65
object network SMTP-SEZNAM
host 77.75.76.48
object network porici-public
host 88.100.63.27
object service smtp-port
service tcp destination eq smtp
object service change-port
service tcp destination eq 26
nat (outside, outside) source static public-chicago public-chicago destination static porici-public SMTP-SEZNAM service change-port smtp-port
05-09-2018 11:18 PM
This will add unnecessary complexity to your network. There are multiple solutions that I would prefer over the NAT-solution:
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide