03-03-2019 02:19 PM
Hi all,
Very unusual situation, but am searching for temp solution. See attached diagram. Have an ASA with trunked interface. Have vlans 208 (192.168.208.0/24), and vlan 205 (172.16.204.0/22). The two vlans can communicate with each other fine. However, there is a PC/Server at 192.168.208.11 that will not communicate with anything outside of Vlan 208. I have no access to that server. Am guessing it needs a static route added to it, or has a firewall on. Am looking for a temp solution that will allow Vlan 205 to talk to that server. I need some kind of relay on vlan 208 that will allow vlan 205 to talk to the server 208.11. Can I do this with NAT? Would I need to set up another router or PC on Vlan 208?
Solved! Go to Solution.
03-03-2019 05:02 PM
why dont you nat the source of users in vlan 205, when going to the 192.168.208.11 int the interface vlan 208 IP address of the ASA.
this way, as far as the server is concerned the connection attempts come from within vlan 205.
03-03-2019 02:29 PM
03-03-2019 02:36 PM
Don't have access to the server 192.168.208.11, so can't check it's settings, but I can ping it from within the 192.168.208.0/24 network. Can also ping other devices between vlans with no problem. Firewalls on PCs I can access are off. No ACLs on ASA except for the default ones.
03-03-2019 05:02 PM
why dont you nat the source of users in vlan 205, when going to the 192.168.208.11 int the interface vlan 208 IP address of the ASA.
this way, as far as the server is concerned the connection attempts come from within vlan 205.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide