Having trouble nat'ing outside addresses to inside network
Using a pix501, have servers on the outside interface that need to be able to access servers on the inside interface. I can ping from the inside out, but when attempting to ping from the outside in, getting a 305005: No translation group found for icmp src server2 dst inside:server1 (type 8, code0) message in the log. The inside network is 10.100.3.x and the outside is 10.25.143.x. I would really just like the pix to function more like a router with an acl in this situation since I need each side to see the real IP address of the other server. The translation rule nat (inside) 0 10.0.0.0 255.0.0.0 0 0 is working to allow traffic inside out, but any other rules I try adding result in a configuration error.
Re: Having trouble nat'ing outside addresses to inside network
I believe I already have both the necessary translation rule and acl's applied. What I just found out was once I ping from the inside server to the outside server, the outside server can then ping and communicate fine with the inside server. However, this only seems to last for so long before the outside to inside ping stops working, and then I have to ping from the inside out to jumpstart the connection. Is there a time out somewhere that can be adjusted so this doesn't happen?
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :