castingasfen.blogg.se - How to configure lan and wan asa 5505 cisco

Press it to apply the NAT settings to the active rules (turn it on). Select the check box for port translation.Įnter 25 for both of the port fields unless your destination port is different on your server.Īt the bottom of the dialog select the affirmative choice to create the port opening's route.Īt the bottom of the main ASDM window "Apply" is now an active button. Translated address - add the IP address of your mail server. Translated interface - select your inside interface (I assume this is the one that faces the network the mail server is on). Original interface - select the one that faces the internet. Select ADD Static from the pop up list of ADD choices at the top left of the list part of the window. Open ASDM > Configuration (top left of window) > Firewall (bottom left of window) > NAT Rules (middle left of window)

Next you will need to make sure the ASA routes all traffic on port 25 to your mail server when it comes in. These steps allow the ASA firewall to allow traffic on port 25 to proceed through the ASA to the internal network when it is directed to your mail server. Press it to apply the port settings to the active rules (turn it on). (ignore this if everything is typical)Īt the bottom of the dialog select the affirmative choice to create the port opening.Īt the bottom of the main ASDM window "Apply" is now an active button. Service - from the dialog box that comes up when you select this, choose SMTP (mail) from the list, this assumes that you want port 25, the normal SMTP port.Ĭlick on more choices if you want to use port translation and have the incoming port 25 traffic sent to another port which your server is using in lieu of the standard. Source - Any (request can comer from any ip address)ĭestination - IP address of your Mail Server (I assume that it is on the private side of the network) Interface - whichever interface is connected to the internet. Select ADD at the top left of the list part of the window, in the following dialog select the following as appropriate to you You should be faced with a list of open ports. Open ASDM > Configuration (top left of window) > Firewall (bottom left of window) > Access Rules (middle left of window) Here's what I did to open ports to my server: I am currently sending and receiving emails to and from the internet with no problem. The following assumes that all ports on the inside interface of the ASA are open, that you can run the ASDM and that you have one of the hardware ports set to be the inside or private network connection and that you have another of the hardware ports set to be the outside, public or internet network. All of my setup was with the ASDM GUI interface, I cannot offer CLI commands as I have no experience with it yet on this unit. Follow what Alex advises on the Server for Mail, he knows.Īs far as the ASA is concerned, we just got a couple of the 5505 and a 5510. Post navigation ← Disable Click and Drag on Folders Importing big. This entry was posted in Tech Support, Uncategorized on Apby curreri. The Cisco asa5505 will take a couple minutes to reset, but when it comes up the device should have a static ip, and boxes behind the firewall will get IP’s from DHCP, and they should be able to get out from behind the firewall!

Select ‘Save the running configuration at time of reload’.

Now to save and reload the box, click ‘Tools/System reload’.

Click “Properties” on the left, then select “Device” under “Device Administration.” Enter the Host Name and Domain Name and hit apply.

Optional: If you know the host name and dns domain for this Cisco unit, you can set it.

Select interface inside, and hit edit.

Now your boxes can get out from behind the firewall, but we need to give them DNS servers and such, if you are using DHCP to assign IP’s to boxes behind the firewall.

If you have a box on the same subnet as the cisco box, do an ipconfig /all and use the gateway listed there. In the Gateway IP field, type the gateway outside of your asa5505.In the IP Address field, type: ‘0.0.0.0’.For the interface name, select ‘Outside’ (or whatever the outside interface is named).Click ‘Routing’ on the left, Make sure ‘Static Routes’ is selected.Your boxes probably lose their connection right about now. Select an IP address, and use ‘255.255.255.0’ for the mask.In the ‘IP Address’ box, click the radio for ‘Use Static IP’.Under Configuration, Interfaces, select the Outside interface and hit Edit.Open the ASDM and log into your device.Follow the steps below to go from DHCP on your 5505 to a static IP. This is because you don’t have a route to the outside world. If you do this using the ASDM, systems behind the firewall will suddenly not be able to connect to the internet. It’s good practice to set that device to have a static IP.