Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1085
Views
0
Helpful
3
Replies

Will adding route-lookup in NAT statement cause any temporary outage

Go to solution
cHrome08
Level 1
Level 1

‎10-02-2019 06:08 PM

Hey Guys,

 

Might be a silly question, but i thought I would rather post this and get confirmation.

I currently have an ASA that is not reachable at the moment because we have set up an IPSEC tunnel as a temp workaround at the new site (long story).

This was done by my colleague and ever since then we are not able to get connectivity to the ASA but we are able to remotely connect to other device behind the ASA,


Looking at the config, it has the following:-

 

nat (INSIDE,OUTSIDE) source static net-INSIDE net-INSIDE destination static net-HQ net-HQ

 

I beleive its missing a route-lookup and a no-proxy-arp option at the end of the nat statement.
My question is, as this site is live and can't afford any downtime, will me adding the command route-lookup and no-proxy-arp at the end of the NAT cause any temporary outage?

Thanks.

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
paul driver
VIP
VIP

‎10-03-2019 01:27 AM

Hello

Curious have you tired connecting to the FW via its tunnel addressing?

Can you post the config of the asa?


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

0 Helpful
3 Replies 3

Go to solution
paul driver
VIP
VIP

‎10-03-2019 01:27 AM

Hello

Curious have you tired connecting to the FW via its tunnel addressing?

Can you post the config of the asa?


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
cHrome08
Level 1
Level 1
In response to paul driver

‎11-07-2019 08:09 PM

Hi Paul,


Thats weird that i did not get an email saying that someone responded to my post.
Upon checking, the firewall on both ends did not have a tunnel IP assigned on each end.
That was the issue.
Thank you for guiding me to the right solution.

 

Regards,

Han

0 Helpful

Go to solution
paul driver
VIP
VIP
In response to cHrome08

‎11-08-2019 01:31 AM - edited ‎11-08-2019 01:31 AM

Hello
Glad to hear your issue is now sorted


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card