cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
518
Views
0
Helpful
3
Replies

Facing issue in accessing ASDM via NATed IP

Hi ,

In have a Cisco ASA 5550 in which I have configured Gi0/0 as 10.51.20.5 mask 255.255.255.0

I am accessing it from 172.16.20.0/24 subnet.

I have NATed 10.51.20.5 to 172.16.20.5 IP. If I keep my system in 10.51.20.0/24 subnet, I am able to access ASDM.

Now when I ping 172.16.20.5, its pinging. But I am not able to access ASDM on this NATed IP.

Can someone please help, as to what I might be missing in the configuration on ASA.

 

I also configured below 2 commands on ASA:

 

http 10.51.20.0 255.255.255.0 INTERNAL

http 172.16.20.0 255.255.255.0 INTERNAL

 

 

3 Replies 3

Ajay Saini
Level 7
Level 7

Hello,

 

 

Could you please share the config of ASA and the layer3 device on which NAtting is done?

 

 

HTH

AJ

Hi Ajay,

I have attached my network diagram.

So I am trying to access ASDM on Red Firewall. So when I ping 172.16.20.5 IP, it gets NAT to 10.51.20.5 on Blue Firewall and then reaches Red Firewall. As I said, ping is working so there is no issue in NAT or route. I am not sure, why the ASDM is not getting opened up. Now if I connect my system to Yellow switch and keep my system's IP as 10.51.20.x it is able to access ASDM.

 

Kindly help.

Thanks for the diagram. Lets take captures on the red firewall G0/0 interface to see if the packet is reaching the firewall.

 

capture capin interface <interface_name> match tcp any any eq 443

 

Ref Doc:

https://supportforums.cisco.com/t5/security-documents/asa-using-packet-capture-to-troubleshoot-asa-firewall/ta-p/3129889

 

It will help us to see if you have the traffic reaching the firewall and if reply is being sent. It must be one of those simple things I believe. 

 

-

HTH

AJ

Review Cisco Networking for a $25 gift card