Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
349
Views
0
Helpful
1
Replies

Access to the MGMT interface

mfruvous
Level 1
Level 1

‎11-04-2009 12:23 PM - edited ‎03-11-2019 09:36 AM

Hello,

I have and ASA 5510 and would like to be able to access the MGMT network including the AIP-SSM module from the internal network. I am a Cisco newbie.

Mgmt port: 192.168.22.1

AIP SSM Mgmt port: 192.168.22.254

Internal network: 192.168.1.0/24

I can create the access-list okay but I am having trouble setting up the NAT. The error is “portmap translation creation failed for tcp src Internal 192.168.1.17/1098 dst management:192.168.22.254.”

Is what I would like to do even possible? And if so, what would the NAT be?

Thank you in advance.

Andrea

Labels:
0 Helpful
1 Reply 1

cmcbride
Level 1
Level 1

‎11-06-2009 01:10 PM

Well to configure no nating between the interfaces it would be:

access-list nonat-inside permit ip 192.168.1.0 255.255.255.0 192.168.22.0 255.255.255.0

access-list nonat-mgmt permit ip 192.168.22.0 255.255.255.0 192.168.1.0 255.255.255.0

nat (mgmt) 0 access-list nonat-mgmt

nat (inside) 0 access-list nonat-inside

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card