[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

What Cisco ISO command do I use to route my Exchange Server Mail out to the right public IP address?

Posted on 2007-08-02
10
Medium Priority
?
374 Views
Last Modified: 2012-05-05
Hello Experts:

I have a Cisco 1720 router and I need to configure it to direct my Exchange Server's  mail traffic out a to a public ip address that my ISP provided.  Currently, all of my mail is going out the router's public IP address which as I understand is not a good thing.  What Cisco ISO command do I use to route my Exchange Server Mail out to the right public IP address?

Thanks for the help.
0
Comment
Question by:huntersp3
  • 6
  • 4
10 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 2000 total points
ID: 19619196
no ip nat inside source static tcp 192.168.168.111 25 interface XXXX 25
ip nat inside source static 192.168.168.111 12.34.56.7

Where Exchange server = 192.168.168.111
New public IP = 12.34.56.7
0
 

Author Comment

by:huntersp3
ID: 19619197
Hello Experts:

In additon, I have a statement in the Cisco router that points all in comming mail traffic to the inside IP address of my Barracuda spam filter that looks like this:

ip nat inside source static tcp 10.xxx.x.x 25 25.xxx.xx.xxx 25 extendable.

The incoming mail is working fine--do I need to use the same statement except use the IP address of exchange server and not the ip the Barracuda?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 19619249
Well, now that sort of depends. Which IP address does your MX record point to?
>Currently, all of my mail is going out the router's public IP address which as I understand is not a good thing.
It's only a bad thing if your MX record is different from your router's public IP address. If this is your MX record, then don't change anything.
If your MX record is the same as the one you have mapped for the Barracuda, and this is not the same as your interface IP, then you have some issues. You need to add a 2nd MX record with the 2nd IP address.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:huntersp3
ID: 19619325
Hello Irmoore:

My MX record in DNS points to the internal ip address of the exchange server and I don't have a MX record for the Barricuda.  The whole problem is that some mail systems are mistaking my company as a spammer because the see my routers ip address.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 19619426
The issue is that some mail systems do a MX lookup for your domain before accepting email from you.
Your public MX record should point to the public IP address that you have mapped as a static port nat on your router 25.xxx.xx.xxx
Outbound email goes out as your WAN interface's IP address.
It's an easy fix to just have 2 public MX records with both IP addresses, but have the one going to the spam filter as priority.
0
 

Author Comment

by:huntersp3
ID: 19621188
Hello lrmoore:

I believe I will try your no ip nat inside source static tcp command and see what happens.  I will check with the ISP to see what our public mx records are set at.  I will let you know tomorrow and thanks!!!
0
 

Author Comment

by:huntersp3
ID: 19625762
Hello lrmoore:

I have a nother question.  When using the no ip nat inside source static tcp 192.168.168.111 25 interface XXXX 25 command.  Which interface should I specify?  The FastEthernet0 interface or the Serial0 interface?
Thanks
0
 

Author Comment

by:huntersp3
ID: 19627595
Hello lrmoore:

Your no ip nat inside source static tcp statement solved the problem and thanks.  I learned alot through the ordeal.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 19627958
Good news. Thanks for the update

Generally speaking, to remove almost any line in Cisco config, use "no" in front of an exact duplicate of the line you want to remove..

examples:
 ip route 0.0.0.0 0.0.0.0 10.10.10.22  <== oops, that was supposed to be .1
 ip route 0.0.0.0 0.0.0.0 10.10.10.1  <== now we have two default gateways, it did not change the first one!
 no ip route 0.0.0.0 0.0.0.0 10.10.10.22  <== now we just have the correct one left


0
 

Author Comment

by:huntersp3
ID: 19628223
Hello lrmoore:

Thanks again.  The que really looks good--I believe you solved it.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question