ASA5505 Static Mapping Problem - Possible bug with ver. 7.2(2)

Unanswered Question

Hi all, I need a 2nd opinion here. I tried to configure my ASA5505 to allow users from the “inside interface” to access a server in the DMZ (see attached drawing). I did this my using a static command:


Static (dmz, inside) mapped_internal_ip_address real_ip_dmz_ip_address netmask 255.255.255.255.


This is also documented in CISCO document ID 64758 - pix70-nat-pat.pdf (attached file). Although this a very typical set up, my endeavor failed miserably.



I did the same and allow users from the “outside interface” to access the same server in the DMZ, and it worked flawlessly.


I did check sysopt, and proxyarp was not disabled.


I strongly suspected this a bug in the software, because Cisco documented this could be done.


I would like a second pair of eyes to verify my configuration.


See the configuration and err msg in the attached "Message text - ASA5505 Static Mapping Problem.doc".



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion