11-13-2016 08:55 AM - edited 03-12-2019 01:31 AM
i am getting this message on my syslog please kindly help
Asymmetric NAT rules matched for forward and reverse flows
here is my config
object network STORAGE
host 10.178.12.46
object service netbios-ssn
service tcp sourcce eq netbios-ssn
nat (inside,outside) source static STORAGE interface service netbios-ssn netbios-ssn
access-list OUT permit extended permit tcp any object STORAGE eq netebios-ssn
access-group OUT in interface outside
packet tracer
packet-tracer input outside tcp 192.168.71.64 1 10.178.12.46 139
Phase: 1
Type: CAPTURE
Subtype:
Result: ALLOW
Config:
Additional Information:
MAC Access list
Phase: 2
Type: ACCESS-LIST
Subtype:
Result: ALLOW
Config:
Implicit Rule
Additional Information:
MAC Access list
Phase: 3
Type: ROUTE-LOOKUP
Subtype: Resolve Egress Interface
Result: ALLOW
Config:
Additional Information:
in 10.178.12.46 255.255.255.255 via 10.178.5.1, inside
Phase: 4
Type: ACCESS-LIST
Subtype: log
Result: ALLOW
Config:
access-group OUT in interface outside
access-list OUT extended permit tcp any object STORAGE eq netbios-ssn
Additional Information:
Phase: 5
Type: NAT
Subtype: per-session
Result: ALLOW
Config:
Additional Information:
Phase: 6
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 7
Type: NAT
Subtype: rpf-check
Result: DROP
Config:
nat (inside,outside) source static ISILION interface service netbios-ssn netbios-ssn
Additional Information:
Result:
input-interface: outside
input-status: up
input-line-status: up
output-interface: inside
output-status: up
output-line-status: up
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule
11-13-2016 10:52 PM
Hi,
Can you please put this NAT statement on line 1 and then test ?
It seems the traffic is matching another NAT while going out.
Regards,
Aditya
Please rate helpful posts and mark correct answers.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide