01-17-2016 04:22 PM - edited 03-12-2019 12:09 AM
I have an issue with NAT. My setup is as follows:
LAN ---> inside ifc (ASA 9.5) outside ifc -----> Internet --------> customer firewall
I have a VPN on the outside interface over the Internet to the customer. I am doing NAT on the inside ifc for outbound traffic and also NAT on the outside ifc for inbound traffic. On both occasions I am only NAT'ng the source address. My outbound NAT (inside ifc) is working fine. My inbound NAT is doing identity NAT (i.e. NAT to itself). I have tried both object and global nat and both are giving the same results.
01-17-2016 04:41 PM
Could you be more specific as to what is not working? Could you past the chunk of your config relating to NAT please.
01-23-2016 07:18 PM
Hi Mohammed,
When you say that in both the occasions you are trying to perform source NAT, then for Inbound NAT, ASA would be having a route for the mapped address pointing towards Outside. That could be the reason it would be going Identity.
Please check your nat statement. You could also share the required nat statement if it doesn't work.
Hope it helps.
Regards,
Akshay Rastogi
Remember to rate helpful posts.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide