cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1985
Views
0
Helpful
9
Replies

Cisco ASA NAT Error

somnath21
Level 1
Level 1

Hi,

In my ASA I am getting some error when I want to configure static NAT and NAT exempt configuration. I think Some miss configuration has been done.

The error msg given below..

Firewall-ASA-02(config)# static (inside,outside) x.x.x.12 10.138.77.54 netma$

INFO: Global address overlaps with NAT exempt configuration

Firewall-ASA-02(config)# no access-list nonat extended permit ip 10.138.77.0 255.$

INFO: Outside address overlap with static NAT configuration

Plz help to reslove this issue..why i am getting this type of error msg.

Regards,

som

1 Accepted Solution

Accepted Solutions

as i see ur config the following line not sure if u need it if not try to REMOVE it and let me know

access-list nonat extended permit ip any 10.138.77.192 255.255.255.224

i think the following one too, !

access-list nonat extended permit ip any 10.138.74.64 255.255.255.192

good luck and let me know

View solution in original post

9 Replies 9

Marwan ALshawi
VIP Alumni
VIP Alumni

can u post ur nat config or show run ?

Plz find the configuration in the attachment,

your help would be appreciated....

Regards,

som

ok

now with these config dose the ASA working ok?

and when u get this errors?

can u put the lines that u wanna add and u getting errors when adding them

Hi,

I am getting error whnever I try to add a new STATIC NAT and NAT EXEMPT.

plz find the eeror msg..

Firewall-ASA-02(config)# static (inside,outside) x.x.x.25 10.138.77.62 netmask 255.255.255.255

INFO: Global address overlaps with NAT exempt configuration

INHYD-ASA-02(config)#access-list nonat extended permit ip 10.138.77.0 255.255.255.0 10.10.15.0 255.255.255.0

INFO: Outside address overlap with static NAT configuration

Regerds,

som

as i see ur config the following line not sure if u need it if not try to REMOVE it and let me know

access-list nonat extended permit ip any 10.138.77.192 255.255.255.224

i think the following one too, !

access-list nonat extended permit ip any 10.138.74.64 255.255.255.192

good luck and let me know

Hi

I have removed this two lines but same error msg coming.I am getting the same error msg during removing aslo and after removing when tried to add a new exempt.

remove them

save ur config

reload then try again

u have to reload after changing nat and nat policies

Hi,

Thanx!

Its working now without error.

Regards,

som

iam glad it working :)

Review Cisco Networking for a $25 gift card