01-25-2011 02:25 AM - edited 03-06-2019 03:10 PM
Hello
I have an 878 SDSL router that is connected to a firewall.
Here are the details of the setup (addresses have been changed):
The router address is 192.168.1.1 and the firewall address is 192.168.1.3. The public address set on the Dialer interface is 212.10.1.2 but they also have an outside public subnet that is routed to this which is 212.11.15.1/29.
What I am trying to achieve is to NAT on different addresses depending on the protocol of the traffic. What I want is for all mail traffic (smtp on port 25) to go in and out on the Dialer address 212.10.1.1 but all other traffic (http, etc) to go in and out on 212.11.15.2.
Here is the relevant config I added:
ip inspect name FW smtp
!
interface Dialer0
ip inspect FW out
!
!
ip nat inside source static tcp 192.168.1.3 25 int Dialer0 25
ip nat inside source static 192.168.5.3 212.11.15.2
However this did not seem to work. Mail used 212.11.15.2 rather than the dialer address. Is there a problem with my config? Or a better way of achieving this solution?
Many thanks for your help in advance
Ronnie
01-25-2011 03:50 AM
Hi Ronnie,
You can achieve that by using a route-map under the NAT statement.
Create route-maps like below:
route-map SMTPTRAF permit 10
match ip address smtptraffic
route-map SMTPTRAFDENY permit 10
match ip address smtptrafficdenied
ip nat inside source static 192.168.1.3 int Dialer0 route-map SMTPTRAF
ip nat inside source static 192.168.5.3 212.11.15.2 route-map SMTPTRAFDENY
ip access-list extended smtptraffic
permit tcp host 192.168.1.3 any eq smtp
deny tcp any any
deny udp any any
ip access-list extended smtptrafficdenied
deny tcp host 192.168.1.3 any eq smtp
permit tcp any any
permit udp any any
Hope this helps you...
Regards,
Naidu.
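The two access lists from the reply above, evaluated against a few flows to see which route-map each one would select. This is an added example, not part of the original thread: a simplified model of first-match ACL evaluation (protocol, source address and destination port only), not IOS itself, and the sample flows are constructed.

```python
from ipaddress import ip_address, ip_network

SMTP = 25  # the IOS keyword "smtp" is TCP port 25

# Each entry: (action, protocol, source network, destination port or None for any).
# Transcribed from the two access lists in the reply; the destination is "any" in all.
ACLS = {
    "smtptraffic": [
        ("permit", "tcp", "192.168.1.3/32", SMTP),
        ("deny", "tcp", "0.0.0.0/0", None),
        ("deny", "udp", "0.0.0.0/0", None),
    ],
    "smtptrafficdenied": [
        ("deny", "tcp", "192.168.1.3/32", SMTP),
        ("permit", "tcp", "0.0.0.0/0", None),
        ("permit", "udp", "0.0.0.0/0", None),
    ],
}

def acl_permits(name, proto, src, dport=None):
    """First matching entry wins; no match falls through to the implicit deny."""
    for action, ace_proto, ace_src, ace_dport in ACLS[name]:
        if ace_proto != proto:
            continue
        if ip_address(src) not in ip_network(ace_src):
            continue
        if ace_dport is not None and ace_dport != dport:
            continue
        return action == "permit"
    return False

def matching_acls(proto, src, dport=None):
    """Names of the access lists (and so the route-maps) that permit this flow."""
    return [name for name in ACLS if acl_permits(name, proto, src, dport)]

# Constructed sample flows: (protocol, inside source address, destination port)
FLOWS = [
    ("tcp", "192.168.1.3", 25),
    ("tcp", "192.168.1.3", 80),
    ("udp", "192.168.1.3", 53),
    ("icmp", "192.168.1.3", None),
]

if __name__ == "__main__":
    for proto, src, dport in FLOWS:
        print(proto, src, dport, "->", matching_acls(proto, src, dport) or "no match")
```

In this model the ICMP flow is permitted by neither list, because both lists contain only TCP and UDP entries and everything else falls to the implicit deny.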