Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
295
Views
0
Helpful
2
Replies

NAT error message

mulhollandm
Level 1
Level 1

‎03-26-2008 02:13 PM - edited ‎03-11-2019 05:22 AM

folks

i have an internet facing 2600 router in front of a 515 pix cluster

the 2600 nats incoming traffic from ANY host to an internet routable address (destination port 25) and routes it to an internal mail server

i can see the translation table and the nat is working ok

the pix receives the inbound traffic to a specific host on a dmz interface and should apply an acl which allows ANY host to connect to the internal address

however, the pix is complaining with the following error

Mar 26 16:21:59 145.a.a.a Mar 26 2008 14:29:46 Clar-PIX-1 : %PIX-2-106001: Inbound TCP connection denied from 213.b.b.b/2746 to 145.c.c.c/25 flags SYN on interface outside

Mar 26 16:21:59 145.a.a.a Mar 26 2008 14:29:46 Clar-PIX-1 : %PIX-3-305005: No translation group found for tcp src outside:213.b.b.b/2746 dst dmz:145.c.c.c/25

can anyone give me a clue or an idea of what the problem is?

thanks to anyone taking the time to reply

Labels:
0 Helpful
2 Replies 2

johnd2310
Level 8
Level 8

‎03-26-2008 02:24 PM

hi,

you need to configure nat and statics on the pix. If the pix is not doing any address translation then set NAT0.

Thanks

John

**Please rate posts you find helpful**
0 Helpful

mulhollandm
Level 1
Level 1
In response to johnd2310

‎03-26-2008 02:32 PM

john

many thanks for your reply

i have a nat for the specific internal host as follows

static (dmz,outside) 145.c.c.c 145.c.c.c netmask 255.255.255.255 0

i also have following

nat (dmz) 1 0.0.0.0 0.0.0.0 0 0

thanks for your help

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card