Communication across every corner of your business is essential to increase the velocity of your application delivery and support pipeline. Automate, standardize, and contextualize your communication processes with xMatters.
Course Of The Month
3 days, 16 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
PIX 506e - Exchange Internal - One Public IP?
Posted on 2004-04-07
HI,
I am trying to get the following scenerio to work:
I have one IP address that the DSL carrier has povied me for the OUTSIDE interface. I need to Have all internal systems go out through this interface ( I am currently using PAT ), I also need to forward port 25 traffic that goes to the OUTSIDE interface to forward to an internal Exchange Server.
The problem that I am having is that when I enable the port 25 translation on the outside interface, I loose the ability to get to the internet from internally.
Can you have the outside interface translate this way, or do I have to get an additional IP from the carrier?
I am trying to get the following scenerio to work:
I have one IP address that the DSL carrier has povied me for the OUTSIDE interface. I need to Have all internal systems go out through this interface ( I am currently using PAT ), I also need to forward port 25 traffic that goes to the OUTSIDE interface to forward to an internal Exchange Server.
The problem that I am having is that when I enable the port 25 translation on the outside interface, I loose the ability to get to the internet from internally.
Can you have the outside interface translate this way, or do I have to get an additional IP from the carrier?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2
3 Comments
Active 4 days ago
Yes, you can use port redirection:
example, using inside IP 192.168.1.61 as your Exchange server:
! first, turn off fixup smtp
no fixup protocol smtp 25
! create a static port map
static (inside,outside) tcp interface 25 192.168.1.61 25 netmask 255.255.255.255
! create an access-list for inbound smtp email
access-list outside_access_in permit tcp any interface outside eq 25
OR:
access-list outside_access_in permit tcp any host (outside IP) eq 25
! apply the access-list
access-group outside_access_in in interface outside
! badabing, that's it !
example, using inside IP 192.168.1.61 as your Exchange server:
! first, turn off fixup smtp
no fixup protocol smtp 25
! create a static port map
static (inside,outside) tcp interface 25 192.168.1.61 25 netmask 255.255.255.255
! create an access-list for inbound smtp email
access-list outside_access_in permit tcp any interface outside eq 25
OR:
access-list outside_access_in permit tcp any host (outside IP) eq 25
! apply the access-list
access-group outside_access_in in interface outside
! badabing, that's it !
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management? Have you ever backed up the firewall policy residing on the SmartCenter? If you have then you know the hassles of connecting to the server, doing an upgrade_…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
- Document Management
- Printers and Scanners
- Document Imaging
- Software-Other
- Images and Photos
- Adobe Acrobat, Photos / Graphics Software, Security, OCR, *PDF
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special.
It's completely agentless, but does let you create an agent, if you desire.
It offers powerful scalability …
Suggested Courses
Course of the Month3 days, 16 hours left to enroll
690 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.