Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Outbound traceroute is not working for NATed IP

I have following scenario:

PC--->6509--->ASA5510--->VPN Concentrator--->L2switch--->checkpoint--->internet

Now in ASA5510 I have nated inside IPs(dynamic Nating) as per my destination IP. If I want to reach my L2switch or VPN concentraor from my desktop there is nat0 rule(so source IP will not be nated)

Now following is my observation:

1. whenever I ping/trace from my desktop to VPNconcentrator/L2switch/checkpoint ->success

2. whenever I ping customer IPs(VPN connection from concentaror and source IP gets Nated)from desktop -> success

3. whenever I traceroute customer IPs(VPN connection from concentaror and source IP gets Nated)from desktop -> Failed(trace should atleast reach up to the VPNconcentrator's inside interface but it is reaching to my 6509 interface only)

earlier I had PIX 515e in place of ASA5510 and it was working.can any one suggest me the solution pls.

1 REPLY
New Member

Re: Outbound traceroute is not working for NATed IP

for VPN customers source Ip get nated at ASA5510 mentioned in the scenario. this ASA5510 is having ver 8.03.

thnx

141
Views
0
Helpful
1
Replies