Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
340
Views
0
Helpful
2
Replies

ASA NAT Issue

ddevore01
Level 1
Level 1

‎08-25-2015 07:36 AM - edited ‎03-08-2019 01:30 AM

Hi all,

I have an ASA with a WAN interface, inside interface, and an interface attached to a private T-1. I have multiple end points that must communicate from the inside interface to the T-1 via static 1-to-1 NATs but still be able to connect out the WAN interface with PAT. The WAN PAT works fine, but the 1-to-1 NATs aren't working.

I have configured 1-to-1 NATs from the inside to t-1 interfaces (and vice versa) and allowed ip and icmp traffic through ACLs, but no traffic is flowing. I also added routes to the remote networks out the t-1 interface. I feel as if I am close but missing a step here. I don't know if it matters, but the NAT outside addresses do not exist in any network segment on my end and are different than the interface address; the router on the other end just has a static route to forward the outside network addresses to my t-1 interface.

Any help is appreciated!

Labels:
0 Helpful
2 Replies 2

Jon Marshall
Hall of Fame
Hall of Fame

‎08-25-2015 08:59 AM

Need to see your configuration really.

If the ASA is running 8.3 or higher it could be the order of your NAT statements for example.

Can you post you configuration together with a source and destination IP address you are trying to ping between.

Jon

0 Helpful

Richard Bradfield
Level 6
Level 6

‎08-25-2015 10:25 PM

Hi,

I think the statement "  I don't know if it matters, but the NAT outside addresses do not exist in any network segment on my end and are different than the interface address"  is key  to the problem, as Jon said the config will help.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card