I am saravanan from Utah. One of our customers has asked us to nat from the LAN to the Voice LAN based on destination IP address in order to access a public phone server thorugh a vendor mangaed voice router..
Internet for everything else
Inside ------------------------> ASA 5510 -----------------> Voice router ------> outsdie to public phone server only
10.10.1.0/20 10.10.1.7/320 172.16.20.1/24
Here the ASA5510 has an interface in both networks and the inside network can ping the voice network through the firewall by using nonat acls. The phone server can only talk to the 172.16.20.0/24 network. So I need to nat the 10.10.1.0/20 network to the Voice interface on the ASA 172.16.20.254/24.
So I think I need the follwoing static but I get the error below:
No the statements that I send to you is for the traffic that is initiating from voice zone to voice zone and from inside zone to inside zone...
One thing you need to make sure....If your requirement is to NAT the traffic from inside to voice then you should not use nonat statments,because if NAT-Control is enabled then you have to NAT every traffic whether your source is from inside to inside or from voice to voice or from inside to voice or from voice to inside.
You are using nonat from inside to voice and from voice to inside and at the same time you are using static 1 to 1 mapping for both networks.As per rules,acl will be checked first and traffic will never be natted and static mappings will never come into play.
So you should remove your nonat statments.
Add the static statments that I mentioned you earlier ,remove the nonat statments and let me know .
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...