NAT Issue ASA Version 9.0(1)

shabbir.ali · ‎12-27-2012

Hi,

I am havning somw trouble in configuring NAT on intranet firewall. Below is my scenario and I would appreciate If any one can help me to resolve this issue. here is the my topology:

DMZ Network - - - - - - - - - External Firewall - - - - - - - - - Internet

|

Internal Network - - - - - - - - - Internal Firewall

1) I can Ping the intneral host from external firewall, internet firewall and DMZ network

2) Both ASA's are running OS Version 9.0(1)

3) ACL used permit IP any any, on both (i.e inside and outside)

NAT configuration on Internal Firewall (Identity NAT)

object network MGMT-SRV-INSIDE
subnet 10.10.10.0 255.255.255.192

object network MGMT-SRV-identity

subnet10.10.10.0 255.255.255.192

object network MGMT-SRV-INSIDE
nat (Inside,Outside) static MGMT-SRV-identity

NAT configuration on External Firewall

object network MGMT-SRV-INSIDE
subnet 10.10.10..0 255.255.255.192

object network MGMT-SRV-INSIDE
nat (Inside,outside) dynamic 1.1.1.1 ** 1.1.1.1 assuming public address **

Testing from host 10.10.10.5

reslut: page ccould not be opend.

Your input / views Pls. Tks

Best regards

Shabbir.

Julio Carvajal · ‎12-27-2012

Hello Shabbir,

We are missing a lot of information.

So the problem is that the host 10.10.10.5 cannot browse to the internet???

Is that correct, it not please specify what is the problem

Then share the running configuration of both firewalls ( We will need to check the routes, interface ip addresses,etc)

Regards

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC