01-17-2008 01:02 PM - edited 03-11-2019 04:50 AM
we have a direct connection to another agency from an interface on our 5520 to their firewall. a user on their side needs access to a server on our inside network. We have an IP ANY ANY access rule for this interface. I've created a static NAT for the server they need to connect to and gave them the NATed address. They tried and said it isn't working. Do I need to add a route for their IP to my inside network? Is there a good way to troubleshoot this issue? I haven't used captures enough to really know how to analyze what I'm seeing.
01-17-2008 01:04 PM
Could you post the relevant parts of the config?
01-17-2008 02:12 PM
Thanks for looking at this. I'm not sure about the security here (first time here) so I XX'd out the IPs.
I was told the IP's for their PCs are NATed to 192.x.x.x
Interface is UP
IP address 172.x.x.x, subnet mask 255.255.255.0
access-list place line 1 extended permit ip any any (hitcnt=146)
static (inside,place) 172.x.x.x 10.x.x.x netmask 255.255.255.255
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide