cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
992
Views
0
Helpful
26
Replies

Azure to ASA to Internet

Hi, 

 

I have successfully created the site to site between our ASA to Azure.

Azure can see our internal traffic and use the resources.

 

My question is, how can I make Azure goes through our ASA for internet?

Azure > ASA > Internet?

 

I have added it into our site to site connection for i.e the Azure VM. However it still didn't work - i have added into the ACL too.

 

Do I need a return ACL / NAT for it to work?

26 Replies 26

Georg Pauwen
VIP Master VIP Master
VIP Master

How did you configure that NAT ? Post the running config of your ASA and indicate which networks on the Azure side need Internet access through the ASA...

object-group network obj-local

network-object 10.0.0.0 255.255.0.0

network-object 106.10.248.151 255.255.255.255

exit

 

object-group network obj-remote

network-object 10.100.0.0 255.255.0.0

exit

 

nat (inside,outside-isp1) 1 source static obj-local obj-local destination static obj-remote

----------------------------------

Azure (10.100.0.1) should connect to site to site to reach 106.10.248.151

Hello,

 

do you have more than one ISP ? If not, make sure you have:

 

same-security-traffic permit intra-interface

 

configured on your ASA...

 

Otherwise, post the full running config of your ASA...