Hi Syed,

syedhashmi455 · ‎11-23-2015

Hello Folks,

I have a query which I am trying it hard to resolve.

I have a server sitting in inside interface wants to gain access to internet from a public ip other than the outside interface ip, but having error.

Inside interface srever ip : 10.1.4.12

Public Ip : 55.55.55.55

outside interface ip : 66.66.66.66

I have configured this way

access-list inbound extended permit ip any host 10.1.4.12

nat (Inside,outside) source 10.1.4.12 55.55.55.55

Can some one please guide me. This is urgent.

Regards,

Syed

Rishabh Seth · ‎11-23-2015

Hi Syed,

The nat rule doesnt have dynamic/static in the definition:

nat (Inside,outside) source static 10.1.4.12 55.55.55.55

>> Is the public IP for the server falls in the same subnet as the IP on the ASA's public interface?

>> What is the ASA verison you are running?

>> run packet tracer and check why ASA is droppping the traffic.

packet-trace input Outside tcp <src-ip> <src-port> 55.55.55.55 <dst-port> det

Thanks,

Rishabh Seth

syedhashmi455 · ‎11-23-2015

Hi Risbah,

I've figured it out. Actually there was a dynamic NAT superceeding static NAT.

There was a dynamic NAT configured for inside interface to outside interface and below was configured a static NAT between 10.1.4.12 55.55.55.55.

So I placed this static NAT on top of Dynamic and it worked.

Now the servers are able to go online.

My ASA version is running on 9.0

Thanks for your reply.

Regards,

Syed

Nat from inside to outside