Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Dual NAT

Hi,

Dual NAT is configured on ASA. The configuration is as follows:-

======================

nat (outside) 4 access-list OUT-TO-SVR outside

!

global (inside) 4 172.30.30.1

!

access-list OUT-TO-SVR extended permit ip any host 192.168.10.1

!

static (inside,outside) 192.168.10.1 172.30.10.1 netmask 255.255.255.255

========================

ISSUE :- Internet is not accessible from the Host but, the service running on Host are reachable from Internet.

Please find the logs as follows:-

%ASA-3-305005: No translation group found for icmp src INSIDE:172.30.10.1 dst

OUTSIDE:4.2.2.2 (type 8, code 0)

Also, if the commands(marked in bold) are removed then, everything works fine.

Thanks in advance

Regards,

Nikhil E.

1 REPLY

Dual NAT

try making the static more specific, i.e TCP/UDP port specific.

or the access-list TCP/UDP specific

HTH>

285
Views
0
Helpful
1
Replies
CreatePlease to create content