Showing results for 
Search instead for 
Did you mean: 

Cisco ASA 5505 IP NAT INSIDE command not working....

Level 1
Level 1

I have an Cisco ASA 5505. I am new to cisco devices and taking over a preconfigure device. I have a NAT policy that is pointing to the wrong IP address and I need to replace a IP NAT INSIDE SOURCE statement. Every time I run the command, I get an error of “Invalid input detected at ‘n’ marker”. It appears that it doesn’t understand the command: ip nat

I am in enable mode and config # but this doesn’t seem to matter. What am I doing wrong??? I have read a few forums that describe the command that I should be using but for some reason it’s not working.


GOAL: forward ports 443 and 80 to an internal server address.

This was left from the previous IT guy and the (2) BOLD statements are the ones I am trying to change:


ip local pool SDM_POOL_1

ip classless

ip route


no ip http server

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip nat inside source static tcp 135 interface FastEthernet4 135

ip nat inside source static tcp 443 interface FastEthernet4 443

ip nat inside source static tcp 80 interface FastEthernet4 80

ip nat inside source route-map SDM_RMAP_1 interface FastEthernet4 overload


Any help is VERY appreciated!


3 Replies 3

John Blakley
VIP Alumni
VIP Alumni

Yeah, ASAs are a little different. What version are you running? "sh ver" There are differences on the way that nat was changed from 8.2 -> 8.3, so knowing the version is important.

Otherwise, for example, if you run a web server inside and need to change the public IP for it, versions 8.2(5) and earlier statically assigned them like:

static (inside,outside) interface netmask

On the acl on the outside interface you would have:

access-list OUTSIDE permit tcp any interface eq 80

access-group OUTSIDE in interface outside


HTH, John *** Please rate all useful posts ***

Running software version 8.2 (2) on Device Manager Version 6.2(5)

I tried the static  command but it appears I am screwing that one up too..... Sorry.  I want it to point to inside  How would the verbage go?

Review Cisco Networking for a $25 gift card