
PIX NAT based on port issues

Telstar-Networks asked on
Okay, so here is the goal:

mail.domain.com is set as a public IP, let's say 1.1.1.1

Inside the network, I am using a Sonicwall appliance in front of an SME mail server.

What I want is for outside requests for 1.1.1.1 on port 25 to use NAT to send the traffic to the Sonicwall for spam/av filtering.   When requests for 1.1.1.1 come in on port 80 or 443, I want NAT to send those to the SME server for webmail.  

What I have done so far is gone into the ASDM and set up a Static Policy in NAT to map 1.1.1.1 to the Sonicwall.  This works fine as long as I leave protocol on IP.  When I try to change the protocol to TCP port 25, the NAT stops working.  

I tried to leave the above rule using IP and then create a second one to NAT port 443 traffic on 1.1.1.1 to the SME server and then simply place that rule higher in importance than the other Static Policy, but, again, whenever I change protocol from IP to TCP 443, the NAT stops working completely.

Any ideas?  As you can guess, I am not very well versed in PIX or using NAT in it.
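
An added example, not part of the original thread and not the accepted answer (which is not shown on this page): one way to express the port-based mapping described in the question as static port translations in the PIX CLI. It assumes PIX OS 7.x/8.0 syntax, interfaces named inside and outside, an ACL named outside_in, and placeholder inside addresses 10.0.0.10 (Sonicwall) and 10.0.0.20 (SME server).

```cisco
! Added example; addresses 10.0.0.10 and 10.0.0.20 are constructed placeholders.
!   1.1.1.1   = public address of mail.domain.com (from the question)
!   10.0.0.10 = Sonicwall appliance (assumed)
!   10.0.0.20 = SME mail server (assumed)

! This sketch uses port-based statics only. It assumes the existing
! one-to-one (protocol IP) static for 1.1.1.1 has been removed and
! stale translations cleared before these lines are entered:
!   no static (inside,outside) 1.1.1.1 10.0.0.10 netmask 255.255.255.255
!   clear xlate

! One static port translation per service:
! static (real_if,mapped_if) tcp mapped_ip mapped_port real_ip real_port
static (inside,outside) tcp 1.1.1.1 smtp  10.0.0.10 smtp  netmask 255.255.255.255
static (inside,outside) tcp 1.1.1.1 www   10.0.0.20 www   netmask 255.255.255.255
static (inside,outside) tcp 1.1.1.1 https 10.0.0.20 https netmask 255.255.255.255

! Inbound ACL: permit only the three published ports to the public address.
! Everything else to 1.1.1.1 falls through to the implicit deny.
access-list outside_in extended permit tcp any host 1.1.1.1 eq smtp
access-list outside_in extended permit tcp any host 1.1.1.1 eq www
access-list outside_in extended permit tcp any host 1.1.1.1 eq https

! Only one ACL can be bound per interface and direction. If an ACL is
! already applied inbound on outside, add the three entries to that ACL
! instead of binding a new one.
access-group outside_in in interface outside
```

`show xlate` lists the port translations once traffic has matched them, and `show access-list outside_in` shows per-entry hit counts, which helps separate a translation problem from an ACL drop.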
ASKER CERTIFIED SOLUTION
shuyun111
