12-21-2015 10:34 PM - edited 03-08-2019 03:11 AM
Hello,
There is an ASA 5505 8.2(5). I've been working with. There are two vlans (172.21.1.0/24 and 172.21.2.0/24), one port for each, both connected to a switch, which has been configured with the same two VLANs. No trunk ports. ASA denys packets due to Asymetrical translations; same inter and same intra interface routing set.
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
nat (VoIP_PH) 0 access-list VoIP_PH_nat0_outbound
nat (VoIP_PH) 1 0.0.0.0 0.0.0.0
global (outside) 1 interface
global (Telecom) 1 interface
Of course, inside_nat0_outbound is an access list that reads, among other lines, 172.21.1.0/24 --> 172.21.2.0/24, and VoIP_PH_nat0_outbound reads 172.21.2.0/24 --> 172.21.1.0/24.
My log screen is flooded with Asymetric translations messages and the router does not route traffic between both subnets.
Any ideas?
Thanks.
Regards.
12-22-2015 10:22 AM
Can you post the error message you are receiving?
01-25-2016 12:08 PM
Asymmetric NAT rules matched for forward and reverse flows; Connection for udp src inside:172.21.1.46/25128 dst inside:172.16.15.10/53 denied due to NAT reverse path failure
172.16.0.0/24
|
|
MPLS
.254
| _______________
172.21.1.0/24 __|__.1| |
| ASA |
|______________|
01-25-2016 01:40 PM
Hi,
have you already configured a NAT Exempt Rule between both private Networks?
Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide