Buy or Renew
Buy or Renew
NOTICE: The community will be in READ-ONLY Sept. 6 – 9 to add Umbrella release notes and announcements. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
524
Views
0
Helpful
2
Replies

Static NAT configuration ASA 5515 with Version 9.1(3)

Kasun Bandara
VIP
VIP

‎08-12-2015 09:27 AM - edited ‎03-11-2019 11:25 PM

HI experts,

 

i have a consideration creating a some load balance through ASA using NAT features. but i am getting stuck in one place. 

 

                                                                        (outside1) WAN1   ---------         ------ VLAN1 (inside)

                                                                         public IP range                |        |

                                                                                                                  ASA    

                                                                                                                 |        |  

                        <<<<  ADSL router -------------  (outside2) WAN2   ---------         ------ VLAN2 (inside)

  public IP range                       private address range

 

i configured wan 1 as a default route with lower metric and Wan 2 as a default route with higher metric. so VLAN1 and VLAN2 users can access internet using wan1 by default route. ADSL router doing his nat and internet part properly. i wanted to send vlan 2 traffic through wan2. for that requirement i created a static nat from vlan2 all IPs to wan2 IPs (i can make many static nats because its private address range) interfaces and network address ranges. but when i run packet tracer ASA using wan1 as a outside interface to vlan2 traffic. 

i have seen routing is happening before nat process. so i identified this problem occurs because of that. i have done this successfully in asa5510 and its not working on 5515 with 9.1(3) OS version. 

 

any ideas which i can drive wrong path?

 

Thanks in advance for any idea

 

PS: unfortunately i am not able to post configuration or ip addressing due to security policies. your ideas will be gold point to me. :)

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB
Labels:
0 Helpful
2 Replies 2

Niels van der Made
Level 1
Level 1

‎08-13-2015 03:38 AM

It's tough troubleshooting without seeing the config, but did you by change accidently enabled 'route-lookup' on the static nat rule?

0 Helpful

Kasun Bandara
VIP
VIP
In response to Niels van der Made

‎08-13-2015 03:57 AM

Hi Niels,

thanks for reply..

Actually i have not used 'route-lookup' command on nat commands. 

i guess this is a OS bug according to http://packetpushers.net/understanding-when-a-cisco-asa-nat-rule-can-override-the-asa-routing-table/ and waiting for TAC support.

 

thanks

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card