NAT Incoming SMTP Traffic to an SMTP Server
If you only have one public IP address, or a very limited number, you can create a network object NAT rule that translates inbound traffic, bound for a static IP address and port, to an internal address. We have provided procedures for specific cases, but you can use them as a model for other supported applications.
Before you begin
Before you begin, create a network object for the smtp server. For the sake of this procedure, we will call the object, smtp-object. See Create Network ObjectsCreate Network Objects for instructions.
Procedure
Step 1 | In the left pane, click Inventory. |
Step 2 | Click the Devices tab to locate the device or the Templates tab to locate the model device. |
Step 3 | Click the appropriate device type tab. |
Step 4 | Select the device you want to create the NAT rule for. |
Step 5 | Click NAT in the Management pane at the right. |
Step 6 | Click |
Step 7 | In section 1, Type, select Static. Click Continue. |
Step 8 | In section 2, Interfaces, choose inside for the source interface and outside for the destination interface. Click Continue. |
Step 9 | In section 3, Packets, perform these actions:
|
Step 10 | Skip section 4, Advanced. |
Step 11 | For an FDM-managed device, in section 5, Name, give the NAT rule a name. |
Step 12 | Click Save. The new rule is created in section 2 of the NAT table. |
Step 13 | Review and deploy now the changes you made, or wait and deploy multiple changes at once. |
Here are the entries that are created and appear in an ASA's saved configuration file as a result of this procedure.
Note | This does not apply to FDM-managed devices. |
object network smtp-object
host 10.1.2.29object network smtp-object
nat (inside,outside) static interface service tcp smtp smtp