Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
10220
Views
5
Helpful
15
Replies

Nat on ASA not working

Go to solution
dan_track
Level 1
Level 1

‎11-24-2009 04:03 AM - edited ‎03-11-2019 09:42 AM

Hi,

In an earlier thread I had opened I was advised to use the following configuration to nat traffic from my vpn clients to the inside network.

Here's the config I put in:

nat (dmz) 21 172.16.96.0 255.255.255.0

global (inside) 21 10.45.64.23

The vpn clients have the address range 172.16.96.0 255.255.255.0

Any thoughts on this?

Thanks

Dan

Labels:
0 Helpful
15 Replies 15

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee
In response to dan_track

‎11-25-2009 08:30 AM

Glad to hear that.  Our config guide may be overwhelming if you don't do this on a daily basis. We say we eat, sleep and drink this stuff and still we get stuck on many occasions.

If you can get these 3 rules down you can become a master.

RTP

1. Route

2. Translation

3. Permission

Write down what the source ip and destination IP will be, with respect to each interface and see if RTP is there for the flow, for both request and response.  That is all. This is exactly what I did this morning before I posted my suggestion. There was translation missing for the response from the RDC server to get back to the client. Once you added that it resolved the issue.

This is a CCO doc may not be as intense as the config guide. Pls. refer this one:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008046f31a.shtml

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card