11-11-2011 10:12 AM - edited 03-11-2019 02:49 PM
The outside IP on an asa is 1.1.1.1/32 and we are using PAT for inside hosts to connect to the internet and all is working.
The ISP is also routing 2.2.2.2 to 1.1.1.1, and we have a 1 to 1 static for an inside host to that IP address, the traffic arrrives at the ASA outside interface but is not getting though the the inside host
Any ideas? this was working previoulsy
11-11-2011 11:03 AM
Hello,
What version are you running?
Mike
11-11-2011 11:08 AM
8.2(1)
11-11-2011 11:15 AM
If you place a capture on the receiving interface, do you see the traffic being routed correctly to the ASA?
access-list cap permit tcp any host 2.2.2.2
access-list cap permit tcp host 2.2.2.2 any
capture test interface
Send traffic and then do show cap cap and see if the packets are reaching, if yes but still does not work, please do the following
packet-tracer input
Check what is the result at the end, if it is being allowed or denied.
Mike
11-11-2011 11:17 AM
Its being allowed.
11-11-2011 11:19 AM
Did the capture showed both direction traffic?
Mike
11-11-2011 11:22 AM
I see traffic leave, and return.. but the return traffic gets to teh ASA but not the server
11-11-2011 12:47 PM
If you put a capture on the server itself, are you able to see the traffic there?
Mike
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide