portmap translations failed from inside to inside

Unanswered Question
Jun 1st, 2010
User Badges:

Hi all


I am gettings lots of errors on my firewall, saying portmap translation failed, but the thing is both ip addresses exist on the inside interface, so why is the firewall doing this?

I have turned nat control off just in case.


any ideas?

Carl

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Federico Coto F... Tue, 06/01/2010 - 06:56
User Badges:
  • Green, 3000 points or more

Hi Carl,


You have static PAT configured on the Firewall?

When do you get those errors?


What do you mean with both IP addresses exist on the inside interface?

If there's a communication between two IPs on the same segment, this traffic should not go through the Firewall (unless there's something not configured correctly).


Please explain.


Federico.

carl_townshend Wed, 06/02/2010 - 02:06
User Badges:

Hi


there is PAT configured on the firewall, the addresses I am seeing are addresses that are on the inside of the network so shouldnt even be touching the firewall, would this be a routing issue somewhere?? the firewall is running eigrp and the route to inside is load balanced to 2 locations, would this affect it ?

cheers


Carl

Panos Kampanakis Wed, 06/02/2010 - 17:31
User Badges:
  • Cisco Employee,

Probably this is a routing issue since you are saying that these packets should be routed internally and not even hit the ASA.

I would check the previous hop and its routing for the ip addresses involved.


I hope it helps.


PK

Actions

This Discussion