08-08-2018 11:07 PM - edited 02-21-2020 08:05 AM
Hi guys,
I am having an issue with NAT on two ASA´s.
We are supposed to use twice NAT on both of sites (same office site , 2 different ASA´s on 2 different locations)so internal users from one internal site can connect to the other site.
ON one of the ASA´s we have Internal and Outside interface.
ASA1
Outside: 192.168.22.180
Inside: 10.160.48.99
ASA2:
Inside: 10.160.48.140
VLan212: 192.168.16.9
As you can see these sites both use internal ip addresses and there is no VPN between them however they are directly connected with a core Switch.
I am trying to establish a connect from behind ASA1 with a Source IP Adrress 192.168.22.140 tryting to connectbehind the ASA2 with an IP Adress 192.168.16.114.
I have configured this so far:
ASA1
nat (outside,inside) source static obj-192.168.22.140 obj-10.160.48.70 destination static obj-192.168.22.114 obj-10.160.48.48
ASA2
nat (inside,VLAN_212_industr_Grenzebach) source static obj-10.160.48.70 obj-192. 168.16.110 destination static obj-10.160.48.48 obj-192.168.16.114
I can see the server initiating the connection however I dont see anyhting arriving on ASA2
08:01:46.101175 802.1Q vlan#2 P0 192.168.22.140.20114 > 192.168.22.114.20114: udp 20
08:01:46.101206 802.1Q vlan#1 P0 10.160.48.70.20114 > 10.160.48.48.20114: udp 20
If I do a packet tracer from the ASA I can get through and I can see the NAT I configured being used.
Any suggestions on what to check ?
08-09-2018 06:01 AM
Hello Dogii,
Could you let us take a look at the packet-tracer detailed output?
Thanks
-A
08-14-2018 02:32 AM
Hi Aron,
I made it easy on myself and drew this up. Sorry for the late response.
It is simple I am trying to communicate from 192.168.22.140 to 192.168.16.110 on the other side.
But somehow whatever I do it doesnt work. If you could take a look at the picture posted I made a diagram of what exactly I need.
thank you in advance,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide