suschoud Thu, 03/08/2007 - 12:15

outside--->inside communication :

on internet:

source ip(1.1.1.1)...destination ip(2.2.2.2)

on asa's outside interface :

static (inside,outside) 2.2.2.2 4.4.4.4

as soon as this translation is processed ,the new packet is :

source ip(1.1.1.1).....destination ip(4.4.4.4)

this packet is sent to inside interface as per static.

so,source ip never changed.

it was the destination which changed.

_________________-

inside to outside communication :

inside(192.168.1.2) ip trying to access 200.200.200.220 on internet.

inside interface :

source( 192.168.1.2)..dest. ip( 200.200.200.220)

nat (inside) 1 192.168.1.2 255.255.255.255

global (outside) 1 interface

on oustside interface

source ip (outside interface's pat address ).....dest. address ( 200.200.200.220)

so,source ip is changing here.

what say ?

eqocommunications Thu, 03/08/2007 - 16:41

The NAT statements are inline with what I'm running here. The issue I'm seeing is that as the SIP traffic from the outside Internet reaches the ASA5520, it's changing the SIP INVITE message from my outside address to my inside address.

Would this have anything to do with stateful inspection? I tried turning it off with creating a policy map inspect sip. But that doesn't seem to help.

Actions

This Discussion