02-03-2011 05:44 PM - edited 03-11-2019 12:44 PM
Hi,
I'm working on a configuration for a client in my lab and I'm getting this message when pinging from one site behind a vpn peer router to a site behind the ASA
5 Feb 03 2011 11:26:38 172.29.6.231
Asymmetric NAT rules matched for forward and reverse flows;
Connection for icmp src outside:172.28.5.1 dst inside:172.29.6.231 (type 8, code 0) denied due to NAT reverse path failure
I know the nat is wrong but right now I'm not sure what needs changing. What is asymmetric nat and what is nat reverse path failure?
Solved! Go to Solution.
02-03-2011 06:30 PM
Hi Lcaruso,
Please let me know what version of the code you are running. I am assuming its 8.3. If so this is usally seen because of the overlapping nat statement.
Please paste the output put for " show nat detail " and " sh run nat ".
For a detailed explanation on the error, i have provided the link below,
https://supportforums.cisco.com/docs/DOC-12569
Regards,
Akhil
02-03-2011 06:30 PM
Hi Lcaruso,
Please let me know what version of the code you are running. I am assuming its 8.3. If so this is usally seen because of the overlapping nat statement.
Please paste the output put for " show nat detail " and " sh run nat ".
For a detailed explanation on the error, i have provided the link below,
https://supportforums.cisco.com/docs/DOC-12569
Regards,
Akhil
02-03-2011 07:00 PM
Thanks for that link !
Let me read that over and then I'll try the commands you mentioned. If I'm still stuck, I'll post output.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide