03-10-2016 02:39 AM - edited 03-12-2019 12:28 AM
Hi Guys,
Good Day!
Just want to know if you also have an issue regarding the ASA not performing routing but instead using its NAT configuration for it to route the traffic. I have a NAT from DMZ to ISP with any any in its criteria however, we already have more specific route configured in the ASA as static going to the inside zone of the ASA.
Can you enlightened us what happened?
Thanks.
03-10-2016 02:46 AM
Hi,
In newer codes if you use a
Check this link:
http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/116388-technote-nat-00.html#anc11
Regards,
Aditya
Please rate helpful posts.
03-10-2016 02:54 AM
Hi Aditya,
Good Day!
Do you know what is the start ASA IOS that introduced this changed? Because we upgraded the ASA from version 8.4(4)9 to version 8.4(7)30.
Thanks
03-10-2016 02:56 AM
Hi,
It was done from 8.3 code.
May I know which NAT statement is getting affected by this ?
Regards,
Aditya
03-10-2016 03:17 AM
Hi Aditya,
Good Day!
Do you know why it was only affected the time we upgraded if the this NAT new coding starts at 8.3? Our previous version is 8.4(4)9 which means it has already the new NAT rule code.
Thanks
03-10-2016 03:20 AM
Hi Aditya,
Good Day!
The affected once are with the "any any" in its NAT.
Thanks.
03-10-2016 03:21 AM
Hi,
By any any you mean the interfaces ?
If yes i would recommend to be more specific.
Regards,
Aditya
03-10-2016 03:25 AM
Hi Aditya,
Good Day!
The interface are from DMZ to ISP then the destination is in any any. Also, the static route goes to the inside zone.
Do you have any idea why it only happened after the upgrade even though the NAT change of behaviour was intriduced in 8.3 version?
Thanks.
03-10-2016 04:13 AM
Hi,
Could you please share the packet tracer output of the affected traffic ?
Regards,
Aditya
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide