Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASA 55xx issue

I'm having issues with a new ASA implementation. I have some direct one-to-one translations specificed and I want all the rest of my outbound traffic to go out the global PAT address, but for some reason, all traffic, including inside hosts with outside NATs are appearing as the global PAT address.

Config attached

1 ACCEPTED SOLUTION

Accepted Solutions
Green

Re: ASA 55xx issue

Your statics are backwards. Should be...

static (inside,outside) 208.xxx.xxx.163 192.168.1.220 netmask 255.255.255.255

2 REPLIES
Green

Re: ASA 55xx issue

Your statics are backwards. Should be...

static (inside,outside) 208.xxx.xxx.163 192.168.1.220 netmask 255.255.255.255

Community Member

Re: ASA 55xx issue

OMG! Sleep deprivation is not good, people! Thanks, acomiskey!

This setup is a conversion from an IP Chains linux firewall and I realize what I did. While documenting the static mappings I used Excel to create my internal and external columns. I then concatenated everything into the cisco static command format and switched my internal and external columns around.

Thanks again!

Randy

120
Views
0
Helpful
2
Replies
CreatePlease to create content