I have a 2611 that has been in service for several years. I'm a cisco newby and want to allow IMAP4 to my mail server, so I got into the router and added tcp 143 to my nat but it doesn't seem to work. I thought perhaps it was in my firewall but that port is allowed. I used the external port scan tool from dslreports.com and all the ports listed in my nat show up there EXCEPT for 143. Am I missing something obvious? Tony
interface Ethernet0/0 description connected to Internet ip address 123.123.123.123 255.255.255.252 ip access-group 100 in no ip directed-broadcast ip nat outside ! interface Ethernet0/1 description connected to EthernetLAN ip address 192.168.1.3 255.255.255.0 ip access-group 100 in no ip directed-broadcast ip nat inside full-duplex ! ip nat inside source list 1 interface Ethernet0/0 overload ip nat inside source static tcp 192.168.1.1 143 123.123.123.123 143 extendable ip nat inside source static tcp 192.168.1.42 5631 123.123.123.123 5631 extendable ip nat inside source static udp 192.168.1.42 5632 123.123.123.123 5632 extendable ip nat inside source static tcp 192.168.1.1 25 123.123.123.123 25 extendable ip nat inside source static tcp 192.168.1.57 22 123.123.123.123 22 extendable ip nat inside source static tcp 192.168.1.1 510 123.123.123.123 510 extendable ip nat inside source static tcp 192.168.1.1 110 123.123.123.123 110 extendable ip classless ip route 0.0.0.0 0.0.0.0 123.123.123.12 ip route 10.11.12.0 255.255.255.0 192.168.1.100 ip route 192.168.0.0 255.255.0.0 192.168.1.100 ip route 192.168.1.0 255.255.255.0 192.168.1.97 no ip http server ! logging history warnings access-list 1 permit 192.168.1.0 0.0.0.255 access-list 1 permit 192.168.2.0 0.0.0.255 access-list 1 permit 192.168.3.0 0.0.0.255 access-list 100 permit ip host 192.168.1.2 any access-list 100 permit ip host 192.168.1.34 any access-list 100 permit ip any any dialer-list 1 protocol ip permit dialer-list 1 protocol ipx permit