Hello All,
I have the scenario below:
------inside(172.y.x.0/24)----------FW----------outside----------R1------------
on the firewall, I have the following configuration:
FW
====
interface GigabitEthernet0/0
nameif outside
security-level 0
ip address 192.168.10.2 255.255.255.0
route outside 0.0.0.0 0.0.0.0 192.168.10.13 3
static (inside,outside) tcp 192.168.5.126 https 172.y.x.5 https netmask 255.255.255.255
static (inside,outside) tcp 192.168.5.126 www 172.y.x.5 www netmask 255.255.255.255
static (inside,outside) tcp 192.168.5.126 smtp 172.y.x.5 smtp netmask 255.255.255.255
static (inside,outside) tcp 192.168.5.126 pop3 172.y.x.5 pop3 netmask 255.255.255.255
R1
===
interface GigabitEthernet0/0
ip address 192.168.10.13 255.255.255.0
ip nat inside
ip virtual-reassembly
interface GigabitEthernet0/1
ip address 192.168.5.122 255.255.255.248
ip nat outside
ip virtual-reassembly
ip route 0.0.0.0 0.0.0.0 192.168.5.121
ip route 192.168.5.126 255.255.255.255 192.168.10.2
ip nat inside source list 100 interface GigabitEthernet0/1 overload
access-list 100 permit ip 172.y.x.0 0.0.0.255 any
My host device on 172.y.x.5 was translated for www, https and smtp traffic
on the firewall, and there is a NAT overload translation for the 172.y.x.0/24
network on the router. For outbound traffic, I believe the host 172.y.x.5
should have been translated to 192.168.5.126 for smtp, https and www traffic
before it gets to the router, but that is not the case. Using an access-list
to check the log on my router, it still has a source address of 172.y.x.5
and is later translated to 192.168.5.122 to the outside. Moreover, I can telnet
to my host device from the outside on ports 80, 443 and 25 using its global IP
address. What could be the cause of this and how do I resolve it?
Thank you.
Mayor
-- Olumayokun Fowowe
Blogs and organic groups at http://www.ccie.net
Received on Tue Mar 23 2010 - 11:06:05 ART
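Editor's note on the behaviour described in the post above (this is an added example, not the poster's configuration or a reply from the thread). A pre-8.3 ASA `static (inside,outside) tcp ...` entry is a port-specific translation: it matches only when the real host's port is the one named in the statement. Inbound connections to 192.168.5.126:80/443/25 therefore hit the static and reach 172.y.x.5, which is why the host answers from the outside. An outbound connection from 172.y.x.5 uses an ephemeral source port, so none of the four port statics match, and because nothing else (no `nat`/`global` pair) covers the inside network, the ASA forwards the packet untranslated when `nat-control` is disabled (the default on 7.0 and later). That untranslated 172.y.x.5 source is what R1's access-list 100 matches and overloads onto 192.168.5.122. Two ways to make the host leave the firewall as 192.168.5.126 in both directions are sketched below in the same pre-8.3 syntax the post uses; the access-list names `OUTSIDE_IN` and `HOST5_OUT`, the NAT ID 5 and the verification destination 203.0.113.10 are assumptions chosen for this example, not values from the post.

```text
! FW (ASA, pre-8.3 syntax) -- added example, not the poster's config.
! Assumption: 172.y.x.5 should always appear as 192.168.5.126, not only
! for inbound 80/443/25.
!
! Option A: replace the four port statics with one-to-one static NAT.
! A plain static matches outbound connections from any source port as well
! as inbound connections to any port, so inbound exposure must be limited
! by the outside ACL rather than by the port-specific statics.
no static (inside,outside) tcp 192.168.5.126 https 172.y.x.5 https netmask 255.255.255.255
no static (inside,outside) tcp 192.168.5.126 www 172.y.x.5 www netmask 255.255.255.255
no static (inside,outside) tcp 192.168.5.126 smtp 172.y.x.5 smtp netmask 255.255.255.255
no static (inside,outside) tcp 192.168.5.126 pop3 172.y.x.5 pop3 netmask 255.255.255.255
static (inside,outside) 192.168.5.126 172.y.x.5 netmask 255.255.255.255
! OUTSIDE_IN is an assumed name; the post does not show its outside ACL.
access-list OUTSIDE_IN extended permit tcp any host 192.168.5.126 eq www
access-list OUTSIDE_IN extended permit tcp any host 192.168.5.126 eq https
access-list OUTSIDE_IN extended permit tcp any host 192.168.5.126 eq smtp
access-list OUTSIDE_IN extended permit tcp any host 192.168.5.126 eq pop3
access-group OUTSIDE_IN in interface outside
!
! Option B: keep the four port statics for inbound and add a policy NAT
! so the host's remaining outbound traffic is also translated to the same
! address. HOST5_OUT and NAT ID 5 are assumed names.
access-list HOST5_OUT extended permit ip host 172.y.x.5 any
nat (inside) 5 access-list HOST5_OUT
global (outside) 5 192.168.5.126
!
! Verification (ASA CLI): trace an outbound connection from an ephemeral
! source port; the NAT phase should now show 172.y.x.5 -> 192.168.5.126.
! 203.0.113.10 is a placeholder destination from the documentation range.
packet-tracer input inside tcp 172.y.x.5 40000 203.0.113.10 80
show xlate
```

With either option, R1 needs no change: its `ip route 192.168.5.126 255.255.255.255 192.168.10.2` already returns traffic for the global address to the firewall, and because 192.168.5.126 is not in access-list 100, R1 will no longer overload it onto 192.168.5.122. To confirm on the original configuration that the statics really are port-limited, run the same `packet-tracer` command before making changes; the NAT phase should show no translation applied.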