cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


363
Views
0
Helpful
4
Replies
Highlighted
Beginner

move the local ip to another server (natting problem)

Dears,

I have a local Database server with local ip 192.168.101.3 and on cisco ASA 5500, i use static nat as below:

#static (inside,outside) xx.xx.xx.xx 192.168.101.3 netmask 255.255.255.255

the server was crashed and we moved the data to another server and give it the exact IP address.

now we cannot ping the real ip from out side.

please help.

thanks in advance.

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions

move the local ip to another server (natting problem)

Hello Asad,

I have seen this behavior before, hosts with windows firewall on or anti virus will not reply to any other host that is not on their Local LAN.

Customer usually think it's an ASA issue but as soon as we configure a NAT (OUTSIDE) 10 your_public_ip

global (inside) 10 interface ;   We can see how it works as the server will receive now the packets from the ASA inside interface

Anyway glad to hear it's working fine.

Please mark the question as answered so future users can learn from this

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

4 REPLIES 4
Beginner

natting problem

Hi Asad,

Are you able to ping the server from ASA itself, its quite possible that the arp entry for server on ASA still has old mac-address, but since its changed now, ASA needs to know this, can u try doing "clear local-host 182.168.101.3" or clear the arp on inside for this server and then see if it works.

regards

Gurpreet

Beginner

natting problem

Hi Gurpreet,

thanks for your fast responce.

i can ping the local IP from the ASA, and i did the "clear local-host 192.168.101.3"

it didnt work.

regards,

Asad

Beginner

move the local ip to another server (natting problem)

the problem has been solved,

that was caused by kaspersky antivirus but when i remove it and try it didnt work too, the problem was because when kaspersky removed, it returned back windows firewall on, when i turne it off, it works,,,,,

thanks

Asad

move the local ip to another server (natting problem)

Hello Asad,

I have seen this behavior before, hosts with windows firewall on or anti virus will not reply to any other host that is not on their Local LAN.

Customer usually think it's an ASA issue but as soon as we configure a NAT (OUTSIDE) 10 your_public_ip

global (inside) 10 interface ;   We can see how it works as the server will receive now the packets from the ASA inside interface

Anyway glad to hear it's working fine.

Please mark the question as answered so future users can learn from this

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here