PAT, One IP and SMTP

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
I have a PIX 515 and it is connected to one remote office with site-to-site
vpn IPSEC tunnel (pix 506) in addition to being the firewall for internet
access for the company. I need to host a MS Exchange 2000 server behind the
515. I understand that Exchange won't work with the mailguard feature
correctly so from what I have seen I should just setup SMTP forwarding to
the internal (private IP) Exchange box. However, when I run the first
command to do this, which is #static (inside, outside) x.x.x.x etc.. The vpn
stops and the internet access stops. So, my question what are the
commands/steps needed to forward SMTP traffic to a mailserver that is behind
a 515 using PAT for outbound traffic and assigned one IP address on the
external interface? Thanks in advance for anybody who can shed some light on


Re: PAT, One IP and SMTP

Quoted text here. Click to load it

You need to do PAT statics, not 1 to 1. You do this by specifying the
protocol and in your case using the outside IP which is specified by using
the word interface.

example: using as your mail servers private IP
static (inside,outside) tcp interface 25 25 netmask

You also need to permit it thru your outside access list

access-list outside permit tcp any any eq 25
access-group outisde in interface outside


Re: PAT, One IP and SMTP
Thanks Brian. I will put those in and I see now where what I was entering
was wrong. Thanks for the help..


Quoted text here. Click to load it

Site Timeline