Static NAT ISSUE- Firewall IOS Version 9.6(2)

shishirhemant108 · ‎04-26-2017

Hello,

I am facing issue while configuring Static NAT with Object Group. When I am configuring Static NAT with Object Group( ACL is configured properly) it is not getting resolved but as I am creating an Object for same IP and then applying Static NAT (Without Object-Group Network command) for that it's work absolutely fine. Kindly let me know what is way to configure Static NAT with Object Group without using PAT.

Ajay Saini · ‎04-26-2017

Please paste the commands that you are trying to add and the requirement. That way, we can point out the mistake and would be easier.

-AJ

shishirhemant108 · ‎04-26-2017

Hi,

Please find configuration below:

object-group network Private-IP
network-object host X.X.X.X

object-group network Public-IP
network-object A.B.C.D 255.255.255.255

object-group network Internet
network-object 0.0.0.0 0.0.0.0

object-group network Private-IP
nat (Ingress,egress) source static Private-IP Public-IP destination static Internet Internet no-proxy-arp

Ajay Saini · ‎04-27-2017

Firstly, if you want to add 0.0.0.0 subnet/netmask, simply add any.

SOmething like

nat (Ingress,egress) source static Private-IP Public-IP destination static any any

also, the config you attached did work or not. And which is the other config which worked. Please clarify. Also, tell me how you are testing. Did you run a packet-tracer?

_
AJ

shishirhemant108 · ‎04-27-2017

Attached configuration is not working.

When i am trying to check on ASDM packet tracer, I am getting NAT untranslated,

Ajay Saini · ‎04-27-2017

I dont see attached config, could you please attach the config and the packet tracer output.