static nat help please!!!

rjackson · ‎02-06-2004

I have a static nat statement with an access-list on the outside interface.

static (inside,outside) 192.168.0.9 12.12.12.1 netmask 255.255.255.255 0 0

access-list 103 permit tcp host 10.10.10.25 host 192.168.0.9 eq www

access-list 103 permit tcp host 172.16.31.15 host 192.168.0.9 eq www

access-list 103 deny ip any any

access-group 103 in interface outside

The problem is that the translation does not show up and traffic from the outside does not work, until the host 12.12.12.1 sends traffic out from the inside. Then the translation is there and traffic initiated from the outside works.

From everything I read this is not how it is supposed to work. The clear xlate removes the static nat entries!!!

Whats wrong here?

mostiguy · ‎02-07-2004

what version of pix os are you running? your config looks fine? are you logging anything - are you getting entries that state that the access list is not working?

rjackson · ‎02-07-2004

I'm running 6.3(3) on a 506. It a lab setup and I dont have logging up yet. Am I write to think that as soon as I define a static it should show up in the xlate table?

baileja · ‎02-08-2004

No, a static will not show up in the XLATE table untill an actual translation takes place. Does the static show up in your config? I have heard of a similar problem that after adding a static, it does not show in the config but I think it was with PIX code 6.2. Can I see your full config?

neo_bahrain · ‎02-10-2004

hello ,

would echo reply enabled help ?

jackko · ‎02-11-2004

please post the config

rjackson · ‎02-12-2004

Its still got me confused. But I had to give to pix back that I was practicing on. So I dont have the config or the pix anymore.