Hi All,

I have ASA with default configuration running IOS 8.4(2). I am working in GNS3.

Inside interface IP is 10.1.1.1/24, Outside interface IP is 1.1.1.1/24.

IP configured in server is 10.1.1.2 which is natted to 1.1.1.20. and IP of other server is 10.1.1.3 natted to 1.1.1.30.

Now when I try to ping the IP 1.1.1.30 from server 10.1.1.2 or from 10.1.1.3, I am unable to ping.

Below is configuration. Please help me what is missing in the configuration

ASA1# show run
: Saved
:
ASA Version 8.4(2)
!
hostname ASA1

names
!
interface GigabitEthernet0
 nameif outside
 security-level 0
 ip address 1.1.1.1 255.255.255.0
!

interface GigabitEthernet2
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet3
 no nameif
 no security-level
 no ip address
!
interface Redundant1
 member-interface GigabitEthernet2
 member-interface GigabitEthernet3
 nameif inside
 security-level 100
 ip address 10.1.1.1 255.255.255.0
!

ftp mode passive
object network 10.1.1.2
 host 10.1.1.2
object network 10.1.1.3
 host 10.1.1.3
access-list Out-In extended permit icmp host 2.2.2.20 host 10.1.1.2
access-list Out-In extended permit icmp host 2.2.2.20 host 10.1.1.3
access-list Out-In extended permit icmp host 2.2.2.30 host 10.1.1.2
access-list Out-In extended permit icmp host 2.2.2.30 host 10.1.1.3
access-list Out-In extended permit tcp host 2.2.2.20 host 10.1.1.2 eq 3389

object network 10.1.1.2
 nat (inside,outside) static 1.1.1.20
object network 10.1.1.3
 nat (inside,outside) static 1.1.1.30
access-group Out-In in interface outside
route outside 0.0.0.0 0.0.0.0 1.1.1.2 1

class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
  inspect icmp