12-08-2013 04:08 PM - edited 03-11-2019 08:14 PM
What am I doing wrong?
object network netgate
host 192.168.0.45
exit
object network netgate-nat-udp500
host 192.168.0.45
object network netgate-nat-udp4500
host 192.168.0.45
exit
object service netgate-udp500
service udp destination eq 500
object service netgate-udp4500
service udp destination eq 4500
exit
object network netgate-nat-udp500
nat (inside,outside) static interface service udp 500 500
object network netgate-nat-udp4500
nat (inside,outside) static interface service udp 4500 4500
exit
access-list outside_access_in line 10 extended permit object netgate-udp500 any
access-list outside_access_in line 11 extended permit object netgate-udp4500 any
12-08-2013 04:17 PM
Hi,
I can only assume that this is related to using the "interface" IP address of the ASA and perhaps using VPN on that interface.
Then again a quick test on my own ASA after removing all VPN related configurations the ASA still wont accept the configuration. Though I wouldnt be surprised if a reload/reboot helped in my case.
- Jouni
12-08-2013 06:11 PM
I do have site to site VPN tunnels configured. Is there any way to resolve this? I can't bring up the tunnel on the netgate and I have rebooted.
Sent from Cisco Technical Support iPad App
12-09-2013 11:32 AM
Patrick,
If you have a site-to-site then these ports are already being used for the interface IP.
Do you have another IP? you cannot use the same addres with same ports.
Regards,
Felipe.
Remember to rate useful posts.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide