1. Home
  2. Cisco Systems
  3. ASA5505 Configuration Question

ASA5505 Configuration Question

We are using an ASA5505 as a firewall in a branch office.

Here is an example of my access list and nat configuration. THis allows pop3 and smtp to come in to the mail server from the Internet.

access-list outside_access_in extended permit tcp any interface outside eq pop3 access-list outside_access_in extended permit tcp any interface outside eq smtp

static (inside,outside) tcp interface pop3 192.168.1.5 pop3 netmask

255.255.255.255 static (inside,outside) tcp interface smtp 192.168.1.5 smtp netmask 255.255.255.255

This is a small branch and they do not have internal DNS and must use public DNS. As a result they cannot connect to their internal mail server from inside using the public address.

Is there something I can add to the ASA5505 to allow this?

Thanks

Reply to
tman
Loading thread data ...

2 things you may try:

modify the hosts file on the PC to point to the internal address

or

DNS Doctoring

formatting link

Reply to
artie lange

Hide quoted text -

Since I have the ACLs in place to allow traffic thru the ASA on the various ports and I have static NATs from outside to inside for the various services, do you think just adding the following static NAT might do the trick?

static (inside,outside) interface 192.168.1.5 netmask 255.255.255.255 dns

Thanks

Reply to
tman

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.