Hi Guys,
I have recently purchased a CISCO ASA5505 Firewall, and want to use it to push email traffic through to our mail filtering device.
I have created a rule to allow external traffic on port 25 through to the device, but am unsure if this is enough to get it to work. I think i may need to create a port forward to force the traffic on.
Can anyone advise me? (this is a live system and do not want to turn something off in order to test it, as i am unsure)
Thanks,
Pete
Have you created a NAT rule to translate the external IP to the internal IP of the mail filtering device? It depends on what version of ASDM you're using, but it should be in Configuration -> Firewall -> NAT rules. If you're using the CLI I'm already out of my league
I am using the ASDM version 6.3.
I figured that NAT-ing the address wouldn't be required if i were pushing all the SMTP trafffic through from the external interface to the internal interface to an internal IP assigned to the device?
From what I'm reading at the link below, it appears that you need a NAT rule if you want to pass traffic between interfaces with two different security levels:
Cisco ASA 5500 Series Configuration Guide using the CLI, 8.2 - Configuring NAT Control* [Cisco ASA 5500 Series Adaptive Security Appliances] - Cisco Systems
I dunno if this will help you but we have a seperate IP address for our mail too which is set in our ASA5510 box. Basically i had to set up a route from the Static outside address to the inside address and thats all i did.
So you mean, just adding a static route of the external IP of the device to the internal IP of the device? or to the internal IP of the email server?
The external IP to the internal IP of my Mail server.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks
