cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

63
Views
0
Helpful
2
Replies
Highlighted
Beginner

ASA NAT Issue

Hi all,

I have an ASA with a WAN interface, inside interface, and an interface attached to a private T-1. I have multiple end points that must communicate from the inside interface to the T-1 via static 1-to-1 NATs but still be able to connect out the WAN interface with PAT. The WAN PAT works fine, but the 1-to-1 NATs aren't working.

I have configured 1-to-1 NATs from the inside to t-1 interfaces (and vice versa) and allowed ip and icmp traffic through ACLs, but no traffic is flowing. I also added routes to the remote networks out the t-1 interface. I feel as if I am close but missing a step here. I don't know if it matters, but the NAT outside addresses do not exist in any network segment on my end and are different than the interface address; the router on the other end just has a static route to forward the outside network addresses to my t-1 interface.

Any help is appreciated!

Everyone's tags (3)
2 REPLIES 2
Hall of Fame Guru

Need to see your

Need to see your configuration really.

If the ASA is running 8.3 or higher it could be the order of your NAT statements for example.

Can you post you configuration together with a source and destination IP address you are trying to ping between.

Jon

Frequent Contributor

Hi,I think the statement "  I

Hi,

I think the statement "  I don't know if it matters, but the NAT outside addresses do not exist in any network segment on my end and are different than the interface address"  is key  to the problem, as Jon said the config will help.

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards