NAT 0 for a VLAN interface doesn't work, but for an interface without a tag it works.
From the firewall console I'm able to access all computers in the different VLANs, which proves that there is no L2 problem...
Has anyone experienced this situation?
---------- ///
interface ethernet0 100full
interface ethernet1 100full
interface ethernet2 100full
interface ethernet3 100full
interface ethernet4 100full
interface ethernet4 vlan10 physical
interface ethernet4 vlan99 logical
interface ethernet5 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 owner security4
nameif ethernet3 bco security6
nameif ethernet4 officeadm security6
nameif vlan99 netadm security6
nameif ethernet5 livre security10
ip address outside 200.200.200.200 255.255.255.248
ip address inside 172.20.0.2 255.255.255.0
ip address owner 172.210.2.1 255.255.255.0
ip address bco 10.11.50.96 255.255.0.0
ip address officeadm 172.210.3.1 255.255.255.0
ip address netadm 172.210.1.1 255.255.255.0
nat (bco) 0 access-list nonat1
nat (netadm) 0 access-list nonat2
access-list nonat1 permit ip 10.11.0.0 255.255.0.0 172.210.3.0 255.255.255.0
access-list nonat2 permit ip 172.210.3.0 255.255.255.0 10.11.0.0 255.255.0.0
--------------
Syslog error message
%PIX-3-106011: Deny inbound (No xlate) tcp src bco:10.11.5.154/4189 dst netadm:172.210.1.21/23
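The following added example, which is not part of the original post, parses the `nat 0` lines and the syslog message shown above and reports which NAT exemption entries, if any, cover the denied flow. The function names are hypothetical, and it assumes a `nat 0 access-list` entry also covers connections initiated from the remote side.

```python
import ipaddress
import re

# Lines copied from the configuration and syslog message in the post above.
CONFIG = """\
nat (bco) 0 access-list nonat1
nat (netadm) 0 access-list nonat2
access-list nonat1 permit ip 10.11.0.0 255.255.0.0 172.210.3.0 255.255.255.0
access-list nonat2 permit ip 172.210.3.0 255.255.255.0 10.11.0.0 255.255.0.0
"""
SYSLOG = ("%PIX-3-106011: Deny inbound (No xlate) tcp src "
          "bco:10.11.5.154/4189 dst netadm:172.210.1.21/23")
NAT0_RE = re.compile(r"^nat \((\S+)\) 0 access-list (\S+)$")
ACE_RE = re.compile(r"^access-list (\S+) permit ip (\S+) (\S+) (\S+) (\S+)$")
FLOW_RE = re.compile(r"src (\S+?):([\d.]+)/\d+ dst (\S+?):([\d.]+)/\d+")

def parse_nat0(config):
    """Return [(interface, acl, local_net, remote_net)] for each nat 0 ACL entry."""
    bindings, aces = {}, []
    for line in config.splitlines():
        line = line.strip()
        if m := NAT0_RE.match(line):
            bindings[m.group(2)] = m.group(1)   # ACL name -> interface it is bound to
        elif m := ACE_RE.match(line):
            name, src, smask, dst, dmask = m.groups()
            aces.append((name, ipaddress.ip_network(f"{src}/{smask}"),
                         ipaddress.ip_network(f"{dst}/{dmask}")))
    return [(bindings[n], n, s, d) for n, s, d in aces if n in bindings]

def parse_flow(syslog):
    """Extract (src_if, src_ip, dst_if, dst_ip) from a 106011 message."""
    src_if, src_ip, dst_if, dst_ip = FLOW_RE.search(syslog).groups()
    return src_if, ipaddress.ip_address(src_ip), dst_if, ipaddress.ip_address(dst_ip)

def exemptions_for(flow, rules):
    """List the (interface, acl) pairs whose nat 0 entry covers the flow."""
    # Assumption: an exemption also applies when the remote side opens the connection.
    src_if, src_ip, dst_if, dst_ip = flow
    hits = []
    for ifc, acl, local, remote in rules:
        forward = ifc == src_if and src_ip in local and dst_ip in remote
        reverse = ifc == dst_if and dst_ip in local and src_ip in remote
        if forward or reverse:
            hits.append((ifc, acl))
    return hits

if __name__ == "__main__":
    flow = parse_flow(SYSLOG)
    print("nat 0 entries covering", flow, "->", exemptions_for(flow, parse_nat0(CONFIG)) or "none")
```

For the logged flow the result is an empty list: both ACLs reference 172.210.3.0/24, while the denied destination 172.210.1.21 sits in the 172.210.1.0/24 subnet configured on netadm.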