Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1003
Views
0
Helpful
3
Replies

ASA 8.2 NAT Exemption Question

Go to solution
drewnivet
Level 1
Level 1

‎06-01-2017 07:43 AM - edited ‎03-12-2019 02:27 AM

Hello I've created a diagram here to illustrate the problem.  Just looking for some confirmation that this would be the correct fix for this.  Our server inside Site3 cannot reach the internal Site2 network is the issue.  Appreciate any help.

Diagram is attached here.

Labels:
Preview file
335 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to drewnivet

‎06-01-2017 09:50 AM

Okay, I think I just misread which ASA was doing what.

So the answer is still yes, you need to apply that to the incoming interface.

Jon

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎06-01-2017 09:37 AM

Yes, you need to add it to the interface as per your diagram.

However I am a bit confused ie. you have a VPN between the sites, do you not already have a NAT exemption ?

Jon

0 Helpful

Go to solution
drewnivet
Level 1
Level 1
In response to Jon Marshall

‎06-01-2017 09:45 AM

Thanks Jon.  Yes there is NAT exemption between the main campus inside networks and the remote site network

Also, on Site2's firewall

object network obj-10.10.10.0
subnet 10.10.10.0 255.255.255.0


nat (inside,any) source static obj-10.10.10.0 obj-10.10.10.0 no-proxy-arp route-lookup

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to drewnivet

‎06-01-2017 09:50 AM

Okay, I think I just misread which ASA was doing what.

So the answer is still yes, you need to apply that to the incoming interface.

Jon

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card