I'm having issues with static identity NAT on an ASA 5505.
We use VLAN 2 for the outside interface and VLAN1 for the inside. The outside WAN is connected to Eth 0/0 and the inside to Eth 0/1. Then we have created 1 to 1 static identity NAT statements for each of the two servers. However I'm now unsure how this will work
in terms of the VLAN configuration on the ASA. If we put the inside interface into VLAN2 we can ping the IPs of the servers however as they are in the same security level as the outside interface no filtering takes place, even when we remove "same-security-traffic inter-interface"
Then if we add the inside interface to VLAN 1 the connection breaks as traffic is not being routed between the VLANs
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...