Since your workstation is on the same internal subnet as the mail
server why would you try to ping out to the xlated ip? If your on the
same internal subnet you should be pinging the 10.10.1.2 ip. I guess
I am missing something?
On Fri, Dec 12, 2008 at 4:17 AM, Rudy Setiawan <rudal_at_online.rudal.com> wrote:
> Hi,
>
> we have a firewall, both outside and inside interfaces.
> We have a SMTP server that lives in the inside network
> and it's translated to a public IP on the outside interface.
> SMTP inside IP: 10.10.1.2
> Translated IP: 216.15.4.4
> in the pix (version 7.2.3)
> static (inside,outside) 216.15.4.4 10.10.1.2 netmask 255.255.255.255
>
> I have a workstation with IP 10.10.1.4 which has a translated IP of 216.15.4.6
> >From my workstation I tried to access 216.15.4.4 port 25 or ping
> 216.15.4.4. I got request timed out.
>
> I have access-list that allows icmp as well as port 25 on the 216.15.4.4 IP.
> I am able to access port 25 and ping the IP from anywhere in the world.
>
> How can I permit such traffic?
>
> Thanks,
> Rudy
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards_at_listserv.icsalabs.com
> https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
>
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Dec 19 2008
Intro
