trouble with removing NAC and letting traffic through
I have a simple network setup that at once had a NAT setup on it. I am trying to remove it so the IP from the inside is the same when it goes past the outside interface. It was originally setup with a global NAT and static entries. I removed the NAT and left the static entries. As long as I have the startic entry with it translating it from one subnet to the other the traffic gets through (example: static (inside,outside) 172.16.100.3 172.16.100.66 netmask 255.255.255.255 ). But when I adjust the static statement to reflect the same IP ( static (inside,outside) 172.16.100.66 172.16.100.66 netmask 255.255.255.255 ) the traffic does not get to the router. I have tried removing the static route all togehter and it does not do any good either. I tried using a Identity NAT statement, but that did not seem to work with the static (using the same IP, if I had the statement set to translate like in the first example it worked) or without. Since I am very new to working with Firewalls and I did not set this up I want to run this by some more professional eyes. Below is the entire FW configuration. If you need more information please ask. If you need the router config I can post it, but I really think it is a Firewall problem and it has to do with going between 2 different subnets (inside and outside interfaces). I need to set it up so IP from inside is retained when it goes past the outside interface. Any help would be appreciated
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :