suschoud Thu, 03/08/2007 - 12:15
User Badges:
  • Gold, 750 points or more

outside--->inside communication :


on internet:

source ip(1.1.1.1)...destination ip(2.2.2.2)


on asa's outside interface :


static (inside,outside) 2.2.2.2 4.4.4.4


as soon as this translation is processed ,the new packet is :


source ip(1.1.1.1).....destination ip(4.4.4.4)


this packet is sent to inside interface as per static.


so,source ip never changed.

it was the destination which changed.



_________________-


inside to outside communication :


inside(192.168.1.2) ip trying to access 200.200.200.220 on internet.


inside interface :


source( 192.168.1.2)..dest. ip( 200.200.200.220)


nat (inside) 1 192.168.1.2 255.255.255.255

global (outside) 1 interface



on oustside interface


source ip (outside interface's pat address ).....dest. address ( 200.200.200.220)


so,source ip is changing here.



what say ?

eqocommunications Thu, 03/08/2007 - 16:41
User Badges:

The NAT statements are inline with what I'm running here. The issue I'm seeing is that as the SIP traffic from the outside Internet reaches the ASA5520, it's changing the SIP INVITE message from my outside address to my inside address.


Would this have anything to do with stateful inspection? I tried turning it off with creating a policy map inspect sip. But that doesn't seem to help.

Actions

This Discussion