07-01-2008 04:11 PM - edited 03-11-2019 06:07 AM
Hi,
I am receiving following message in my syslog server related to PIX 525 IOS version 7.2
PIX-3-305005: No translation group found for udp src outside:10.3.210.155/57156 dst inside:svhm-dc1/53
The traffic 10.3.210.155 is outside the PIX interface and svhm-dc1 is behind the inside interface. I have nat0 rule for inside the subnet (svhm-dc1) so that it will send the traffic as it is without natting. But as per syslog description I need to do nat0 on 10.3.210.155 which is outside the pix interface. I would like to know how solve this configuration error issue.
Cheers,
siva
Solved! Go to Solution.
07-02-2008 03:24 AM
you only need to define a static to allow traffic from outside to access the server placed behind inside. like
static(inside,outside) svhm-dc1 svhm-dc1 netmask 255.255.255.255
it will resovle the issue 100%.
07-01-2008 05:59 PM
Have you an access-list accordingly?
Can you give me your configuration?
It should be like this....Ex
static (inside,outside) udp interface 137 INTERNALIPADDRESS 137 netmask 255.255.255.255
access-list outside2inside permit udp any interface outside eq 137
access-group outside2inside in interface outside
OR
static (inside,outside) udp PUBLICIP 137 INTERNALIPADDRESS 137 netmask 255.255.255.255
access-list outside2inside permit udp any host PUBLICIP eq 137
access-group outside2inside in interface outside
Thanks,
Dharmesh Putohiy
07-01-2008 08:48 PM
Hi Dharmesh,
My config is 1400 lines. So I can't send that. But here I have pasted the access-group which has corresponding access list.
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
nat (inside) 0 access-list inside_nat0_acl
host svhm-dc1 is sitting behind PIX inside interface and host 10.3.210.155 is sitting outside the PIX interface and I am using NAT0 for inside interface to communication with 10.3.210.155.
Let me know whether this information is enough or not.
Cheers,
siva
07-02-2008 03:24 AM
you only need to define a static to allow traffic from outside to access the server placed behind inside. like
static(inside,outside) svhm-dc1 svhm-dc1 netmask 255.255.255.255
it will resovle the issue 100%.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: