Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
252
Views
0
Helpful
1
Replies

Separating Interent traffic and Mail traffic

Randy Haddon
Level 1
Level 1

‎06-30-2015 11:54 AM - edited ‎03-11-2019 11:12 PM

I am needing to separate the how the outside sees our Internet traffic and mail traffic.

 

the current NAT statement is

object network obj-10.0.0.0
 nat (inside,outside) dynamic 65.X.X.X

 

ACL

access-list acl-outside line 47 remark SMTP Inbound
access-list acl-outside line 48 extended permit tcp any host 65.X.X.5 eq smtp
access-list acl-outside line 49 remark HTTP Inbound for OWA server
access-list acl-outside line 50 extended permit tcp any host 10.X.X.31 eq www log
access-list acl-outside line 51 remark HTTPS Inbound for OWA server
access-list acl-outside line 52 extended permit tcp any host 10.X.X.31 eq https log

 

is there a way to have the outside see WWW traffic see one IP address 65.X.X.30 and SMTP traffic as 65.X.X.40

This is on a 5520 with 8.47

Thanks for the hlep

 

Randy

Labels:
0 Helpful
1 Reply 1

jj27
Spotlight
Spotlight

‎06-30-2015 12:31 PM

So you want source SMTP traffic from the inside to be NAT to the IP 65.x.x.40?

object service SMTP
service tcp destination eq smtp

object network obj-65.x.x.40
host 65.x.x.40

nat (inside,outside) source static any obj-65.x.x.40 service SMTP SMTP

 

That should do the trick.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card