Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA5510 Static 1to1 NAT Configuration Issue

We are replacing our EOL Watchguard X1000 Firewall(s) with Cisco ASA 5510 unit - ASA Version 8.4(3).  Following is the static NAT I have build and the corresponding access list.

nat (FW2Inside,FW2Outside) source static BW_XSP1_Private BW_XSP1_Public destinat

ion static BW_XSP1_Private BW_XSP1_Public

access-list FW2Outside_access_in extended permit tcp any object BW_XSP1_Public object-group DM_INLINE_TCP_1

Unable to access the server on the inside interface via the public NAT address. Can you point me in the right direction as to what I might be missing to make this work?                  

Everyone's tags (2)
1 REPLY
Red

ASA5510 Static 1to1 NAT Configuration Issue

Hi David,

You need to use these:

nat (FW2Outside,FW2Inside) source static any any destination static BW_XSP1_Public BW_XSP1_Private

access-list FW2Outside_access_in extended permit tcp any object BW_XSP1_Private object-group DM_INLINE_TCP_1

It should work after this.

Hope that helps.

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks, Varun Rao Security Team, Cisco TAC
486
Views
0
Helpful
1
Replies