Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1659
Views
5
Helpful
19
Replies

NAT Issue

Go to solution
Ejaz Ahmed
Level 1
Level 1

‎09-17-2014 12:32 PM - edited ‎03-11-2019 09:46 PM

Hi Experts,

 

One of my office have Cisco ASA 5510 with ios 8.4(5). Everything is configured and working fine except the static NAT. I have a block of public IP, which I used to configure static NAT.  The internal server which is configured with static NAT is not getting internet or anything. When I removed the static NAT, the internet is getting (through WAN interface IP). The server is placed in the DMZ. I have allowed everything to the server but it is not working.

 

Regards,

EJAZ

Labels:
0 Helpful
19 Replies 19

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni
In response to Ejaz Ahmed

‎09-23-2014 03:30 AM

Hi,

 

In your case the format for configuring Static NAT for the server would be

 

object network <object name>
 host <server local ip>
 nat (DMZ,Outside) static <public ip address> dns

 

This would bind the local IP address to the public IP address configured on the "nat" command. This would mean that outbound connections would also use this public IP address. If you had a similiar Static PAT configuration already then you would not really need that UNLESS you are changing the mapped/local port in the "nat" command.

 

But configuring the Static NAT would already mean that it would override the Dynamic PAT for outgoing connections from this server. Naturally there is a small chance depending on your current complete NAT configuration that even this Static NAT might be overridden but I doubt it. If the above "packet-tracer" is for the DMZ server in question then there should be no problem.

 

- Jouni

0 Helpful

Go to solution
Ejaz Ahmed
Level 1
Level 1
In response to Jouni Forss

‎09-23-2014 05:34 AM

Hi Jouni,

 

Great help!!!!! It worked.

Now the server connections are going with NATed Public IP.

Thank you so much for your help.

I have one more issue that need to be resolved. Some other teams are currently working on the server, once they have done with server I need to check on that.

Marius also helping me on that.

 

Regards,

Ejaz

0 Helpful

Go to solution
Ejaz Ahmed
Level 1
Level 1
In response to Jouni Forss

‎09-24-2014 12:31 AM

Hi Jouni,

Really appreciate for the replies.

 

You can check the configuration file I have attached

 

Regards,

Ejaz

0 Helpful

Go to solution
Ejaz Ahmed
Level 1
Level 1
In response to Jouni Forss

‎10-07-2014 08:04 PM

Hi Jouni,

We still have the issue :(

I have configured three static NAT in the firewall, only one is working correctly.

When I remove the static NAT of other two, the connections from the server is going with WAN IP and everything working.

 

With the static NAT, no traffics are going outside from the two servers(having issue).

Please help

 

Regards,

Ejaz

 

Preview file
28 KB
0 Helpful

Go to solution
Ejaz Ahmed
Level 1
Level 1
In response to Ejaz Ahmed

‎09-23-2014 05:44 AM

Hi Marius,

From the output it is showing that the connection is going outside with firewall's interface IP. I have configured the command which is provided byJouni Forss.

Now the outbound connection from the server also going with the NATed public IP. Thank you so much for the help. I really appreciate for the help

 

Ejaz

 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card