Port translation with PIX 506E

I am not too sure this is the correct term, but what I need is to get the external address 1.2.3.4 port 25 to go inside to 10.1.1.4 port 26. I have a spam filter that listens to a port and sends to Exchange on a different port; the problem is that I cannot move Exchange listeners from port 25 because of intersite communications via VPN.

How can I do this port translation?

Thanks

Cristian Croitoru

Reply to
Cristian Croitoru

static (inside,outside) tcp 1.2.3.4 smtp 10.1.1.4 26
access-list out2in permit tcp any host 1.2.3.4 eq smtp
access-group out2in in interface outside

Is it the VPN traffic that needs to have the port translated? If so then you need to check to see whether the VPN traffic is covered by a "nat (inside) 0 access-list" ACL. If it is (that is, if you are using internal IP addresses to talk over the VPN) then you would need to adjust that nat 0 access-list ACL so that the SMTP traffic was not covered by it, because nat 0 access-list takes precedence over static port translation.

Reply to
Walter Roberson
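
The precedence issue described in the reply above can be checked offline against a saved configuration. The following is an added example, not part of the original thread or any Cisco tool: it flags static port redirects whose inside host is also matched by a "nat (inside) 0 access-list" ACL. The sample configuration, the ACL name nonat and the 10.2.2.0/24 VPN peer network are constructed assumptions, and the parser handles only the plain PIX 6.x line forms shown.

```python
import ipaddress

# Constructed PIX 6.x-style sample; the nonat ACL and 10.2.2.0/24 peer are invented.
SAMPLE = """\
nat (inside) 0 access-list nonat
access-list nonat permit ip 10.1.1.0 255.255.255.0 10.2.2.0 255.255.255.0
static (inside,outside) tcp 1.2.3.4 smtp 10.1.1.4 26
access-list out2in permit tcp any host 1.2.3.4 eq smtp
access-group out2in in interface outside
"""

def take_addr(tokens):
    """Consume 'any', 'host A' or 'A MASK' from the token list; return a network."""
    first = tokens.pop(0)
    if first == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if first == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    return ipaddress.ip_network(first + "/" + tokens.pop(0), strict=False)

def nat0_overlaps(config):
    """List (real_ip, real_port, peer_net) where a nat 0 ACL permit covers a
    static port redirect's inside host, so flows to peer_net skip the static."""
    lines = [ln.split() for ln in config.splitlines() if ln.strip()]
    # ACL names referenced by "nat (<if>) 0 access-list <name>"
    nat0 = {t[4] for t in lines
            if len(t) == 5 and t[0] == "nat" and t[2:4] == ["0", "access-list"]}
    permits = []
    for t in lines:
        if len(t) > 5 and t[0] == "access-list" and t[1] in nat0 and t[2] == "permit":
            rest = t[4:]                      # skip the protocol keyword
            src = take_addr(rest)
            permits.append((src, take_addr(rest)))
    findings = []
    for t in lines:
        # static (real_if,mapped_if) tcp|udp <global_ip> <global_port> <real_ip> <real_port>
        if len(t) >= 7 and t[0] == "static" and t[2] in ("tcp", "udp"):
            real = ipaddress.ip_address(t[5])
            findings += [(t[5], t[6], str(dst)) for src, dst in permits if real in src]
    return findings

if __name__ == "__main__":
    for real_ip, port, peer in nat0_overlaps(SAMPLE):
        print(f"{real_ip}:{port} is NAT-exempt towards {peer}; static PAT will not apply")
```

A finding only matters for traffic exchanged with the listed peer network; connections from other sources are still handled by the static entry.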

Thank you very much for the prompt response. No, the VPN traffic does not need translation, only the internet incoming SMTP traffic.

Will try it tonight, thanks again

Cristian Croitoru

PS Is port translation the correct term?

Reply to
Cristian Croitoru

Yes, Cisco differentiates between NAT (Network Address Translation), which is one-to-one IP-to-IP, and PAT (Port Address Translation) which is port multiplexing onto single public IPs. Sometimes, though, "NAT" is meant to include PAT ("NAT" is the more generic term.)

Reply to
Walter Roberson
