Multiple static nat problem.

Answered Question
Sep 12th, 2007
User Badges:

Hi all.


I have a problem whit a Cisco ASA 5505


My problem is nating from the outside in.


About my setup:

I have a 28 bit subnet from my ISP.

- One for the GW

- One for the ASA

- One for the ISP Switch


The rest is free for me to use.


The Problem:


When a try to nat in other IP's then the ASA IP I only get the first to work.


I have attached my config.


This won't work:

static (inside,outside) 91.189.xxx.166 192.168.2.11 netmask 255.255.255.255


This works:

static (inside,outside) 91.189.xxx.167 192.168.2.6 netmask 255.255.255.255



Can any one help me please :-)


Thanks,

Stig Bollund



Correct Answer by mattiaseriksson about 9 years 8 months ago

Hi Stig,


Have you tried different outside IP's?


Enter 'clear xlate' after you change any NAT statements.


The logfile should give you information why a translation fails so check there as well.


But I can't see any problem in the configuration.


Regards,


/Mattias

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Correct Answer
mattiaseriksson Wed, 09/12/2007 - 04:27
User Badges:
  • Bronze, 100 points or more

Hi Stig,


Have you tried different outside IP's?


Enter 'clear xlate' after you change any NAT statements.


The logfile should give you information why a translation fails so check there as well.


But I can't see any problem in the configuration.


Regards,


/Mattias

mnetworksas Wed, 09/12/2007 - 04:33
User Badges:

Hummmm.....


If I use another IP, then it works.

That I dont like..


One the IP that dosen't work:

It nat's okay, and I used the clear xlate around 100 times :-)


Thanks..

mattiaseriksson Wed, 09/12/2007 - 04:42
User Badges:
  • Bronze, 100 points or more

Perhaps that IP is being used already. Remove the NAT statement, ping that IP from the ASA and then check with 'show arp' if it still has an arp entry for it.


Check the logfile for error messages.


The last part about 'It nat's okay' I did not quite understand. What NAT's ok?

mnetworksas Wed, 09/12/2007 - 08:42
User Badges:

Hi all.


Thanks for replying.


The problem was the ARP table on my ISP's Router.


The problem is fixed.


Actions

This Discussion