Solved

Ollow 443 and 25 traffice to new mail server behind Cisco ASDM 6.1 for ASA

Posted on 2009-04-14
1
647 Views
Last Modified: 2012-05-06
I am putting a new mail server in for a company and they are using a Cisco device which has ASDM 6.1 for ASA.  The firewall was setup by someone else who is out of contact and I have never used this device before.  I need to have ports 25 and 443 open and allowed through to the server for mail and OWA.  The server is on the internal network (not the dmz) and I have an external static ip address.  Can someone give me the steps I need to take to get this done?  I don't want to change any of there existing rules or I would set it back to default and run the wizard.  Any help would be greatly appreciated.

Thanks!
0
Comment
Question by:jdltek
1 Comment
 
LVL 6

Accepted Solution

by:
ricks_v earned 500 total points
ID: 24144214
To start with,
if you have asdm running on your pc, simply login using asdm / console/ telnet.
ASDM is used for GUI acces to the device. Personally, I prefer the CLI, but would say the ASDM is also pretty good.

it's always good to have mail server to be in dmz for security reason.
but if you want to get it running on the inside that's fine.
what you need is a PAT or port forwarding from outside to inside.

here's a useful link from one of EE member
http://www.petenetlive.com/Tech/Firewalls/Cisco/portforward.htm

You need to start with modifying ACL, then use the command:
static (inside,outside) tcp interface smtp x.x.x.x smtp netmask 255.255.255.255

x.x.x.x if the mail server sitting on the LAN side.





0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Opening Ports 18 83
Does Cisco ASA 5506-X have full dmz capabilities 3 37
2960 and a VLAN id of 1237 2 49
setup wamp server for first time 2 43
This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now