qman2007
asked on
Configure Exchange 2003 Behind Cisco ASA
Hi,
I want to setup an exchange server behind Cisco ASA. I have a static ip from the ISP with Subnet mask and Gateway details. My setup is as mentioned below.
Static IP from ISP - 80.227.*.*
Subnet Mask - 255.255.255.252
Gateway - 80.227.**
My internal IP is 192.168.1.0/24 and my mail server ip is 192.168.1.7
I know in ASA for outside interface i should give the Static Ip i have with Subnet mask from ISP and by setting up default gateway on routing i should be able to browse the network from my LAN. (Correct me if i am wrong)
I have an MX record for my domain with the static ip i am having.
What i want to know is how i should configure mails coming to the static ip to go to the exchange server with LAN ip 192.168.1.7
For eg i want all traffic coming from outside on ports http, https, pop3, smtp and IMAP to go to mail server.
Thanks
Qman
I want to setup an exchange server behind Cisco ASA. I have a static ip from the ISP with Subnet mask and Gateway details. My setup is as mentioned below.
Static IP from ISP - 80.227.*.*
Subnet Mask - 255.255.255.252
Gateway - 80.227.**
My internal IP is 192.168.1.0/24 and my mail server ip is 192.168.1.7
I know in ASA for outside interface i should give the Static Ip i have with Subnet mask from ISP and by setting up default gateway on routing i should be able to browse the network from my LAN. (Correct me if i am wrong)
I have an MX record for my domain with the static ip i am having.
What i want to know is how i should configure mails coming to the static ip to go to the exchange server with LAN ip 192.168.1.7
For eg i want all traffic coming from outside on ports http, https, pop3, smtp and IMAP to go to mail server.
Thanks
Qman
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
haha, beat by the faster typist.
<8-}
ASKER
Guys,
Thanks for all your comments. Let me check the same and will come back to you. If anyone can tell me how to do the same using GUI (Connected to ASA using ADSM) it will be more helpfull. Sorry, i am not that great in Command.
Appreciate all your help
Thanks
Qman
Thanks for all your comments. Let me check the same and will come back to you. If anyone can tell me how to do the same using GUI (Connected to ASA using ADSM) it will be more helpfull. Sorry, i am not that great in Command.
Appreciate all your help
Thanks
Qman
Should be able to simply copy and paste the commands into the CLI without modification.
Should he be purchasing Cisco gear? Sorry Im just being an ass.
static (inside,outside) tcp interface smtp 192.168.1.7 netmask 255.255.255.255
Then you'll need an ACL:
access-list inbound extended permit tcp any host 80.227.*.* eq smtp
You'll need that for each port that you want forwarded to your server. Replace the * with the actual IP address numbers. This would be just for port 25.