Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 171
  • Last Modified:

PIX 506e - Exchange Internal - One Public IP?

HI,
I am trying to get the following scenerio to work:
I have one IP address that the DSL carrier has povied me for the OUTSIDE interface. I need to Have all internal systems go out through this interface ( I am currently using PAT ), I also need to forward port 25 traffic that goes to the OUTSIDE interface to forward to an internal Exchange Server.

The problem that I am having is that when I enable the port 25 translation on the outside interface, I loose the ability to get to the internet from internally.

Can you have the outside interface translate this way, or do I have to get an additional IP from the carrier?
0
eheuser
Asked:
eheuser
  • 2
1 Solution
 
lrmooreCommented:
Yes, you can use port redirection:
example, using inside IP 192.168.1.61 as your Exchange server:

! first, turn off fixup smtp
no fixup protocol smtp 25

! create a static port map
static (inside,outside) tcp interface 25 192.168.1.61 25 netmask 255.255.255.255

! create an access-list for inbound smtp email
access-list outside_access_in permit tcp any interface outside eq 25
OR:
access-list outside_access_in permit tcp any host (outside IP) eq 25

! apply the access-list
access-group outside_access_in in interface outside

! badabing, that's it !

0
 
lrmooreCommented:
Are you still working on this? Do you need more information?
0
 
eheuserAuthor Commented:
Thanks, I am all set....
0

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now