07-10-2012 09:11 AM - edited 03-11-2019 04:29 PM
Hello,
I have found multiple solutions to this question for < 8.2 but no solutions for the new way the ASA does nat statments
Basically i have multiple VLAN's and i need 2 of them to communicate
inside - 192.168.1.0/24 ( security-level 100 )
voice - 192.168.100.0/24 ( security-level 100 )
Error i am getting is:
192.168.1.100 192.168.100.100 Deny inbound icmp src inside:192.168.1.100 dst Voice:192.168.100.100 (type 8, code 0)
When trying to ping from 192.168.1.100 to 192.168.100.100
I know what has to happen is i need 2 static nat statements to route the information from one subnet to the other. problem is i can't seam to generate the right statments.
I have come up with:
object network obj_nat_voice_to_inside
subnet 192.168.1.0 255.255.255.0
nat (inside,Voice) static interface
object network obj_nat_inside_to_voice
subnet 192.168.100.0 255.255.255.0
nat (Voice,inside) static interface
They are not working i know there is something wrong just can't figure it out
I have found multiple examples for the old style nat statments to resolve this issue but none on the new style.
can someone give me a hand with this?
Thanks in advnace!
Solved! Go to Solution.
07-10-2012 09:28 AM
Hello,
Have you enable the command:
same-security-traffic permit inter-interface
also can you try with this NATs:
nat (inside,Voice) source static obj_nat_inside_to_voice obj_nat_inside_to_voice
nat (Voice,inside) source static obj_nat_voice_to_inside obj_nat_voice_to_inside
Let me know how this works for you
07-10-2012 09:28 AM
Hello,
Have you enable the command:
same-security-traffic permit inter-interface
also can you try with this NATs:
nat (inside,Voice) source static obj_nat_inside_to_voice obj_nat_inside_to_voice
nat (Voice,inside) source static obj_nat_voice_to_inside obj_nat_voice_to_inside
Let me know how this works for you
07-10-2012 10:13 AM
same-security-traffic permit inter-interface
did the trick
Thank you so much!
07-10-2012 10:46 AM
You are very welcome
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide