How to move server from behind NAT to DMZ

Discussion in 'Cisco' started by Paul, Aug 9, 2005.

  1. Paul

    Paul Guest

    We have a block of IP addresses and have assigned various
    internet-facing servers public addresses using the following (on a

    ip nat inside source static tcp i.i.i.i port e.e.e.e port extendable

    Incoming and outgoing mail works just fine until the mail server
    reports its name as but with the public ip of the
    FastEthernet (NAT) interface. There are reverse dns issues and mail
    will occasionally be bounced:

    Received: from (unknown [x.x.x.x])

    (where x.x.x.x is the internet-facing interface of the 1760)

    I'd like this to happen:

    Received: from (unknown [x.x.x.y])

    (where x.x.x.y is the public ip assigned to the mail server)
    public ip address but I'm not too sure exactly how to make the change.

    Presumably I pick an unused FastEthernet interface, enter "no shutdown"
    and hang a switch off that... but do I give it an ip address? Do I give
    the mail server a public ip, does it keep its private ip, does it need
    a new private ip for the dmz, or both? How does the routing work?

    I think I know what to do but am stuck on how to go about it. A prod
    in the right direction would be very much appreciated.
    Paul, Aug 9, 2005
    1. Advertisements

  2. This should solve your problem:
    Be sure that you have the smtp fixup enabled.

    Andre Janssen, Aug 10, 2005
    1. Advertisements

  3. Paul

    Rod Dorman Guest

    Has that feature improved any or does it still clobber the 220
    response and refuse to accept EHLO?
    Rod Dorman, Aug 11, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.