I'm having a problem and I'm not sure how to fix it.
I have one server which works for antivirus, updates in all machines, but there are two pieces of equipment which this server is unable to access, but only these two.
These servers are DNS and WEB server from the other site, but they don't receive automatic updates. When I access my antivirus server and try to ping those two I get:
Asymmetric NAT rules matched for forward and reverse flows; Connection for icmp src dmz2:Servereb dst inside:10.1.1.55 (type 8, code 0) denied due to NAT reverse path failure
Those servers have a static NAT to outside with a public address.
Server --- Firewall ---- Router ----- Firewall -- WEBserver
I don't know what to do to solve this problem... please help...
If you need any other information let me know, thanks!
It seems like when the traffic from inside comes to DMZ2, it will take the DMZ2
interface IP. But when you are trying to access the inside server from DMZ2,
you are trying its original IP address. Please try the following:
access-list inside_nat0_outbound permit ip "inside subnet" "mask" host "DMZ2
This will ensure that the inside devices use their own IP when communicating
with the DMZ2 server. That should address the error message you are getting.
Hope this helps.
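To see which interface and host pairs are hitting this denial before changing NAT rules, the log message quoted in the question can be parsed and counted per flow. This is an added example, not part of the original posts; the `/port` suffix for TCP/UDP lines is an assumption about the log format, and every sample line except the first is constructed.

```python
import re
from collections import Counter

# Matches the "NAT reverse path failure" text quoted in the question.
# Assumption: TCP/UDP entries carry "/port" after each address, while
# ICMP entries carry "(type N, code N)" instead.
PATTERN = re.compile(
    r"Connection for (?P<proto>\S+) "
    r"src (?P<src_if>[^:\s]+):(?P<src>[^\s/]+)(?:/(?P<sport>\d+))? "
    r"dst (?P<dst_if>[^:\s]+):(?P<dst>[^\s/]+)(?:/(?P<dport>\d+))?"
    r"(?: \(type (?P<icmp_type>\d+), code (?P<icmp_code>\d+)\))? "
    r"denied due to NAT reverse path failure"
)

def parse_line(line):
    """Return the flow fields of one denial line, or None if it is unrelated."""
    m = PATTERN.search(line)
    return m.groupdict() if m else None

def summarize(lines):
    """Count denials per (src_if, src, dst_if, dst) so each failing pair stands out."""
    counts = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec:
            counts[(rec["src_if"], rec["src"], rec["dst_if"], rec["dst"])] += 1
    return counts

SAMPLE_LOG = [
    # Line quoted in the question.
    "Asymmetric NAT rules matched for forward and reverse flows; Connection for "
    "icmp src dmz2:Servereb dst inside:10.1.1.55 (type 8, code 0) denied due to "
    "NAT reverse path failure",
    # Constructed lines (documentation address 192.0.2.10, made-up ports).
    "Asymmetric NAT rules matched for forward and reverse flows; Connection for "
    "tcp src dmz2:192.0.2.10/51515 dst inside:10.1.1.55/8443 denied due to "
    "NAT reverse path failure",
    "Some unrelated firewall log line",
]

if __name__ == "__main__":
    for (src_if, src, dst_if, dst), n in summarize(SAMPLE_LOG).items():
        print(f"{n} denial(s): {src_if}:{src} -> {dst_if}:{dst}")
```

Each pair it reports is a flow whose forward and reverse directions match different NAT rules, which is the mismatch the reply's NAT exemption is meant to remove.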