I have an ASA with three interfaces: inside, outside and otherlan. On altralan there's an EhternetDevice that must be reached from inside, but not from outside.
The relevant part of configuration is:
name A.B.C.D EthernetDevice
ip address X.Y.Z.T 255.255.255.0
ip address IP-PUBBLICO NETMASK
ip address A.B.C.E 255.255.255.0
switchport access vlan 2
switchport access vlan 3
access-list otherlan_access_in extended permit ip host EthernetDevice X.Y.Z.0 255.255.255.0
access-list inside_access_list extended permit ip X.Y.Z.0 255.255.255.0 host EthernetDevice
global (outside) 1 interface
global (otherlan) 2 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,otherlan) EthernetDevice EthernetDevice netmask 255.255.255.255
access-group inside_access_in in interface inside
access-group otherlan_access_in in interface otherlan
route outside 0.0.0.0 0.0.0.0 X.Y.Z.T 1
EthernetDevice has an embedded HTTP server, which is working, i.e. from a pc on otherlan it's reachable, and it has A.B.C.E as default gateway.
The problem is that I can't reach it from a pc on inside lan, and on ASA log I have the following error:
portmap translation creation failed for tcp src inside:X.Y.Z.P/2461 dst altralan:EthernetDevice/80
I've also tried to use:
global (otherlan) 2 X.Y.Z.4-X.Y.Z.10 netmask 255.255.255.0
and try to reach from a PC whose IP is in the pool, but no luck too.
What is wrong / haven't I understood ?
Thanks in advance