Error message in Asymmetric NAT with vpn

hunterman — Fri, 21 Feb 2020 16:52:59 GMT

Hello everyone

I have tunnel vpn between 2 branches and it's working fine but the services between them as voip server and can make call between 2 extension as 1 extension in branch 1 and other extension in branch 2,

In asa sniffer I'm saw the error message "

%ASA-5-305013: Asymmetric NAT rules matched for forward and reverse

flows; Connection protocol src interface_name:source_address/source_port [(idfw_user)] dst interface_name:dst_address/dst_port [(idfw_user)] denied due to

NAT reverse path failure."

My problem is one branch can't hear other branch,

Any one help to solve the problem

THANKS

Re: Error message in Asymmetric NAT with vpn

Rob Ingram — Fri, 01 Mar 2019 13:23:50 GMT

Hi,
I would guess your outbound traffic matches 1 nat rule and the return traffic matches another, hence the asymetric error.

Please the configuration of the ASA reporting this error
Please provide the output from "show nat detail" and indicate the source and destination networks.

topic Re: Error message in Asymmetric NAT with vpn in Network Security

Error message in Asymmetric NAT with vpn

Re: Error message in Asymmetric NAT with vpn