[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 294
  • Last Modified:

Port Forwarding Question - Cisco Pix Firewall

We have a Cisco Pix Firewall v 6.1(4) that is fully configured and operational. E-mail comes in and goes to our Exchange server ( Http requests come in and go to Exchange also for Outlook Web Access. We purchased a Barracuda spam firewall ( and are trying to change the internal ip that smtp goes to while leaving Http requests as is.

I have tried various settings and cannot get this to work. Here are some of the lines from the original configuration.

access-list acl_inbound permit tcp any host eq smtp
access-list acl_inbound permit tcp any host eq http
alias (inside)
static (inside,outside) netmask 0 0

I removed the alias and static lines and added this line:

static (inside,outside) tcp smtp smtp netmask 0 0

I saved the configuration (I think?) "write terminal" and then "write memory" yet mail still goes to

Nowhere in the config does show up yet somehow the smtp packets still go there. How do I fix this to do what I want?

Thanks for the help.

1 Solution
See if this is what you did:

no static (inside,outside) netmask 0 0
no alias (inside)
clear xlate
static (inside,outside) tcp smtp smtp dns netmask
static (inside,outside) tcp https https dns netmask

If your v 6.1(4) chokes on the "dns" entry of the static above, then just don't put it in. This is the "new" version of "alias" command on 6.3(x). Highly suggest you upgrade to latest 6.3(4) and latest 3.02 PDM versions.

amkbaileyAuthor Commented:

It was the clear xlate command that did the trick.

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now