%PIX-3-305005: No translation group found for.....
I've got a machine in the DMZ. My internal network is 10.0.0.0 /8. Traffic routes correctly from a DMZ host to a machine with a 10.1.x.x address, but when I try (from the same host) to a 10.250.x.x machine, I get a "%PIX-3-305005: No translation group found for.....[details of source/destination and protocol]" error in syslog.
I am using the PDM and I don't understand why I am getting a NAT problem from the same DMZ host, to the same Internal network (just a different host) - given that I can't see either a NAT Translation Rule or Exception that is specific to either the working scenario or the one that generates the error.
I've got a feeling that the problem isn't dependant on specific hosts, more that it is a mask / subnetting configuration error of some sort.
I don't believe that the DMZ address is being NATed in the working scenario and that the original DMZ address is being used, so why the problem in the non-working scenario ?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...