07-13-2008 12:44 AM - edited 03-11-2019 06:13 AM
Hello guys,
our network guys had implemented MPLS, however, the setup is placing a router in the front of the internet firewall where it has 192.168.x.x interface IP address. I've given the firewall interface IP address on 192.168.x.x segment. access list also is given to that IP address.
PROBLEM :-
when our network guy tries to access the firewall, the NAT is not working and I get this message
3|Jun 23 2008 18:03:41|305005: No translation group found for tcp src MPLS:192.168.xx.x dst inside:xxx.xx.x.xx (type 8, code 0)
however the inside segment is also 192.168.xx.xx!
what do I get this message and NAT doesn't work?
the destination IP address is behind two firewalls extra
is it because the source is a private segment?
pleaseeeeeeeeeeeeeeeeeeee help me with this issue my boss is pressuring me into it :(!
07-13-2008 12:37 PM
show the configuration
07-14-2008 05:33 AM
interfaces configuration?
interface GigabitEthernet0/0
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/0.1
vlan 10
nameif internet
security-level 0
ip address 62.xxx.xx.x 255.255.255.192 standby 62.xxx.xx.xx
!
interface GigabitEthernet0/0.2
vlan 20
nameif DMZ1
security-level 0
ip address 192.168.93.1 255.255.255.0 standby 192.168.93.2
!
interface GigabitEthernet0/0.3
vlan 60
nameif mpls
security-level 0
ip address 192.168.80.2 255.255.255.248 standby 192.168.80.3
!
interface GigabitEthernet0/1
nameif internal
security-level 100
ip address 192.168.95.1 255.255.255.0 standby 192.168.95.41
!
interface GigabitEthernet0/2
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/2.1
vlan 30
nameif DMZ
security-level 50
ip address 192.168.94.1 255.255.255.0 standby 192.168.94.2
!
above is the interfaces configuration, I don't know where is your concern at??
07-14-2008 05:40 AM
We need the entire configuration.
07-16-2008 05:20 AM
this firewall has a lot of configuration and I cannot just copy the entire configuration, so you might need to tell me where exactly your interest?
07-16-2008 05:39 AM
nat
global
static
interfaces
acl
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: