Send Inside Traffic Out Particular Outside IP Address on Cisco ASA

I have a mail server on the inside of my network, I have established all of the ACL's and NAT Statements on the ASA and traffic is flowing correctly inbound. However when the mail server sends traffic outbound ( to external networks) it uses the ASA Primary IP on the outside interface. I would like to force the outbound traffic to external networks to use a particular IP Address (the one that is NAT'ed) for SMTP. As the NAT Statements are already in place and functioning is this a matter of using an extended ACL? If so how should it be constructed? Thank you in advance for the assistance.
bhagsupportAsked:
Who is Participating?
 
Yves AccadNetwork Security EngineerCommented:
You will need something like this:
object network yourmailserver-object
   nat (Inside, Outside) static publicipaddress

That's assuming you're have:
 object network yourmailserver-object
     host privateipaddress
0
 
Pete LongTechnical ConsultantCommented:
You need a static IP (or wha tI call a one-to-one NAT)

Dont forget you will also need to change your public DNS records so that the new IP is used !!

Setting up the Correct DNS Records for your Web or Mail Server

Right to actually setup the NAT see the following article;

Add a Static (One to One) NAT Translation to a Cisco ASA 5500 Firewall

Pete
0
All Courses

From novice to tech pro — start learning today.