Solved

PIX 506e - Exchange Internal - One Public IP?

Posted on 2004-04-07
3
165 Views
Last Modified: 2010-04-09
HI,
I am trying to get the following scenerio to work:
I have one IP address that the DSL carrier has povied me for the OUTSIDE interface. I need to Have all internal systems go out through this interface ( I am currently using PAT ), I also need to forward port 25 traffic that goes to the OUTSIDE interface to forward to an internal Exchange Server.

The problem that I am having is that when I enable the port 25 translation on the outside interface, I loose the ability to get to the internet from internally.

Can you have the outside interface translate this way, or do I have to get an additional IP from the carrier?
0
Comment
Question by:eheuser
  • 2
3 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 250 total points
ID: 10777745
Yes, you can use port redirection:
example, using inside IP 192.168.1.61 as your Exchange server:

! first, turn off fixup smtp
no fixup protocol smtp 25

! create a static port map
static (inside,outside) tcp interface 25 192.168.1.61 25 netmask 255.255.255.255

! create an access-list for inbound smtp email
access-list outside_access_in permit tcp any interface outside eq 25
OR:
access-list outside_access_in permit tcp any host (outside IP) eq 25

! apply the access-list
access-group outside_access_in in interface outside

! badabing, that's it !

0
 
LVL 79

Expert Comment

by:lrmoore
ID: 10807732
Are you still working on this? Do you need more information?
0
 

Author Comment

by:eheuser
ID: 10818283
Thanks, I am all set....
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Content Filtering 1 to 1 Peer Review 1 95
Watchguard Firewall Setup 3 87
What does this mean to you?  Source side firewall 3 78
SSH over http/https 8 123
Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now