I just setup an ASA5510 and it has been working well but noticed today that addresses on the inside network going out are showing the destination IP as the outside interface's ip address. A few days ago I don't think it was doing this and I have tried to reboot it to make sure that didn't fix it. Also previously I was seeing pings in the output but now when I try to ping like 220.127.116.11, it doesn't show up in the logs. Has anyone else seen anything like this? I'm currently running 8.2.5 and asdm 6.4.5
For instance, all I see in the logs over and over is the following:
6 May 23 2012 15:12:21 192.168.x.x 61183 x.x.x.x 16114 Built dynamic TCP translation from inside:192.168.x.x/61183 to outside:x.x.x.x/16114
This looks like an entry for hitting a normal Dynamic NAT translation rule.
Someone on the inside of your network using IP 192.168.x.x is most likely trying to access something on the outside network of your ASA (Internet?). This syslog rule is telling you that the ASA is translating the 192.168.x.x adres to its own outside address. This is most likely a public (Internet routable) IP. This is perfectly normal configuration.
If you're not seeing pings anymore that might be because ICMP inspection is not turned on. I'm not 100% positive if pings show up in the syslog without ICMP inspection.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :