Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
612
Views
0
Helpful
1
Replies

Ping to natted IP

pratik_193
Level 1
Level 1

‎05-04-2011 03:37 AM - edited ‎03-11-2019 01:29 PM

Hi All,

I had a problem:-

I am having ASA 5520 & a static natting is applied on it.

static (inside,outside) 115.112.246.55 192.168.1.163 netmask 255.255.255.255

object-group service reseller tcp
port-object eq www

access-list acl_outside extended permit tcp any host 115.112.246.55 eq www

My problem is that i am not able to ping /telnet(80) to IP address 115.112.246.55 from its own natted IP i.e. 192.168.1.163.

I guess this is the default behaviour of ASA. But i need to enable ping & telnet to public IP from its own natted IP. Is there any way to do it?

Thanks

Pratik

Labels:
0 Helpful
1 Reply 1

Maykol Rojas
Cisco Employee
Cisco Employee

‎05-04-2011 06:54 AM

Hi,

If you would like to enable telnet/ping to the IP address  115.112.246.55 from 192.168.1.163, what you need to do is the following:

static (inside,inside) 115.112.246.55 192.168.1.163 netmask 255.255.255.255

same-security-traffic permit intra-interface

Now, pick the nat statement that covers 192.168.1.163, you mostlikely will have a nat statement like this:

nat (inside) 1 0 0

Then what you need to add is the following:

global (inside) 1 interface

Try this out and let me know.

Mike

Mike
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card