05-23-2008 09:15 PM - edited 03-11-2019 05:49 AM
HI,
first time ocnfiguring ASA. I have configure two ASA devices, Promary and secondar and the failover seem to be working but I have routing issues in which I cannot reach devices behind the ASA.
both Inside and Outside Interfaces have Public IP addreses and customer doesn't want NAT. I have added static router inside to the inside block gateway IP which is on the core router. and also static outside 0/0 outside interface.
I havenot done any translation and think that might have contributed to this problem but wanted to see if I need to create a global outside interface since i have no NAT?
Regards,
Masood
05-24-2008 06:31 AM
Hi Masood
If customer doenst want NAT, simply issue "no nat-control" in firewalls and do not spend time on exempt nat statements
Regards
05-24-2008 09:11 AM
Hi and thanks for your input.
The problem was due to the stupid "no proxy Arp" on the inside Interface!
that was scrwing up all the routing that I had in there. so upon disabling the proxy Arp on the inside interface all the servers behind the firewall were able to hit th eInternet!
Thx,
Masood
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: