chetweewax
asked on
Barracuda with ASA 5505
I have an ASA 5505 configured on our system which has been working great up until I try to Forward port 25 to a Barracuda spam firewall. Our smtp and http both come over the same ip address xx.xx.xx.197, so on the ASA the NAT was real 192.xx.xx.115 translated to the xx.xx.xx.197. My problem is now I need the emails coming over port 25 to go to 192.xx.xx.117. So when I make the changes on the firewall for (PAT) http to go to 192.xx.xx.115 and smtp to 192.xx.xx.117, everything seemed ok except mails sent to aol are hanging in my exchange server queue. It only seems to be a problem with aol but there maybe others.
Anytime I add port address translation even if i send it to .115 i get the hang in the Queue.
I am not a Cisco expert by any shape of the imagination, I only make changes using the ASDM and am not too familiar with Cisco command line, Please don't hold that against me.
Anytime I add port address translation even if i send it to .115 i get the hang in the Queue.
I am not a Cisco expert by any shape of the imagination, I only make changes using the ASDM and am not too familiar with Cisco command line, Please don't hold that against me.
ASKER
You are correct it goes out .194
Is there a work around?
Is there a work around?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks 3nerds ... I contacted my ISP to have the reverse record changed for .194. And now I am keeping my fingers crossed.
If you use PAT instead of NAT on an ASA the traffic will come in .197 but when they go out the will go out your outside interfaces address which maybe .195 or some such.
With static NAT it comes in .197 and then goes back out .197.
The problem with this will be if aol or anyone is doing a reverse dns lookup and now the records don't match.
Good Luck,
3nerds