I have just configred ASA 5520 and put it in production, and every thing seems to work except i can not access the hosts on the inside network from OUTSIDE.
When i run Packet Tracer command from ASDM it tells me NAT is an issue, i have tried few comobinations but struggling to get it working and trying to work out what i might have missed.
OUTSIDE IP: x.x.x.196
Outside IP Ueseable Range provided by the SP: x.x.x.197,x.x.x.198, and so on
name 10.10.10.10 ABA-Pilot description ABA-Pilot Server name 10.10.10.11 ABA-NAS description ABACisco NAS Device name 192.168.0.0 dmz description DMZ LAN name 10.10.10.0 inside description Inside LAN name x.x.x.192 internet description Outside Network name 10.100.100.0 managment description Managenet LAN ! interface GigabitEthernet0/0 description Connection to the Internet nameif outside security-level 100 ip address x.x.x.196 255.255.255.240 ! interface GigabitEthernet0/1 description Inside Interface nameif inside security-level 0 ip address 10.10.10.254 255.255.255.0 ! access-list inside_access_in remark Access to Internet access-list inside_access_in extended permit ip inside 255.255.255.0 any access-list dmz_access_in remark Access to Internet access-list dmz_access_in extended permit ip dmz 255.255.255.0 any access-list outside_access_in extended permit icmp any host ABA-Pilot access-list outside_access_in extended permit tcp any host ABA-NAS object-group DM_INLINE_TCP_1 access-list outside_access_in extended permit tcp any host ABA-Pilot object-group ABA-pilot access-list outside_access_in remark Management Access from Outside access-list outside_access_in extended permit tcp any interface outside object-group Management-Access access-list outside_access_in extended permit ip any object-group DM_INLINE_NETWORK_1 pager lines 24 logging asdm informational mtu outside 1500 mtu inside 1500 mtu dmz 1500 mtu management 1500 ip verify reverse-path interface outside no failover icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 14400
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...