03-03-2014 06:37 AM - edited 03-11-2019 08:52 PM
I have been working on this for months and I am still not able to get this working correctly. What I am trying to accomplish is to allow Usablenet to connect to our staging web server from the internet with an IP range for Usablenet.
The odd thing is this does not seem to be correct
object network web_staging_net
nat (web_staging,outside) dynamic interface
nat (web_staging,outside) source static obj-10.x.x.197 obj-209.x.x.97 destination static Useablenet Useablenet!
ACL
access-list outside_in extended permit tcp object-group Useablenet host 10.x.x.197 eq www
Any help will be greatly appreciated.
Solved! Go to Solution.
03-03-2014 07:08 AM
What is the configuration of the object web_staging_net? Is it a subnet or single host?
I would recommend creating a separate host entry for 10.x.x.197 and removing the static NAT entry from the other object.
Something like this:
object network web_10.x.x.197
host 10.x.x.197
nat (web_staging,outside) static obj-209.x.x.97
03-03-2014 07:08 AM
What is the configuration of the object web_staging_net? Is it a subnet or single host?
I would recommend creating a separate host entry for 10.x.x.197 and removing the static NAT entry from the other object.
Something like this:
object network web_10.x.x.197
host 10.x.x.197
nat (web_staging,outside) static obj-209.x.x.97
03-06-2014 04:48 AM
It is a single host and web_staging is a network object group and I am just trying to create a one to one relationship.
For example
useablenet connects through 209.x.x.97 that translates to 10.x.x.97 and only allowing usablenet to connect
03-06-2014 06:08 AM
Please post the current output of:
show run object
show run object-group
show run nat
03-06-2014 12:13 PM
This has been resolved, it was simply a routing issue where the 209.x.x.97 was not routable.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide