Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
438
Views
0
Helpful
3
Replies

ASA 5505 static nat error message

CHUN FAI LAW
Level 1
Level 1

‎08-11-2013 10:24 PM - edited ‎03-11-2019 07:24 PM

i would like to port forward an port 4500 on the outside interface to inside host but it shows the error message below.

But if i add for port ftp and tftp without any problem.

[ERROR] nat (inside,outside) 6 source static aruba interface service Aruba-4500 Aruba-4500

NAT unable to reserve ports.

Labels:
0 Helpful
3 Replies 3

Marvin Rhoads
Hall of Fame
Hall of Fame

‎08-11-2013 11:35 PM

Do you have remote access or site-site VPN also setup and enabled on the outside interface?

If so, port 4500 is used by IPsec so I suspect it is reserved in the appliance.

0 Helpful

CHUN FAI LAW
Level 1
Level 1
In response to Marvin Rhoads

‎08-11-2013 11:51 PM

yes, we have site to site vpn config on the asa!!

may be this is the reason we can't enable this port on outside interface!!

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to CHUN FAI LAW

‎08-11-2013 11:56 PM

Yes. Enabling IPsec on the outside interface "siliently" reserved that port.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card