Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT Problems with Accessing the Router ASA 5505

First off, let me apologize for pulling such a bone-headed beginner's mistake, but after all, I am brand new to the world of Cisco routing and networking in general.

I was attempting to create a route to a wireless router that resides on a subdomain and I ended up blocking direct access to the router.

The Cisco router's internal IP address is 192.168.1.1.

The Linksys wireless router that I was trying to link to is 192.168.1.135.

The subdomain under the wireless router is 192.168.3.x, with the router being 192.168.3.1.

I was able to connect to the router through Windows HyperTerminal, and when I run the show nat command, I can see my error.

Below I'll post the results of the show nat, but can anyone here help me to delete that one section that is causing the problems?

The router is an ASA 5505. The network is working fine, and so is the VPN client. The only problem that I'm having is that I can't connect to the router itself over the network.

Here is the result of the show nat command with the problem line starred:

Router1-ASA5505# show nat

NAT policies on Interface inside:

match ip inside 192.168.1.0 255.255.255.0 inside 196.0.0.0 255.255.255.0

NAT exempt

translate_hits = 0, untranslate_hits = 0

match ip inside 192.168.1.0 255.255.255.0 inside 192.168.2.0 255.255.255.0

NAT exempt

translate_hits = 0, untranslate_hits = 0

match ip inside 192.168.1.0 255.255.255.0 outside 196.0.0.0 255.255.255.0

NAT exempt

translate_hits = 504, untranslate_hits = 239

match ip inside 192.168.1.0 255.255.255.0 outside 192.168.2.0 255.255.255.0

NAT exempt

translate_hits = 2965, untranslate_hits = 226

match ip inside 192.168.1.0 255.255.255.0 _internal_loopback 196.0.0.0 255.255

.255.0

NAT exempt

translate_hits = 0, untranslate_hits = 0

match ip inside 192.168.1.0 255.255.255.0 _internal_loopback 192.168.2.0 255.2

55.255.0

NAT exempt

translate_hits = 0, untranslate_hits = 0

match tcp inside host 192.168.1.100 eq 3389 outside any

static translation to xxx.xxx.xxx.xxx/3389

translate_hits = 21, untranslate_hits = 353

*** match ip inside host 192.168.1.135 inside host 192.168.3.1

static translation to 192.168.1.1

translate_hits = 0, untranslate_hits = 3045 ***

match ip inside any inside any

dynamic translation to pool 1 (No matching global)

translate_hits = 0, untranslate_hits = 0

match ip inside any outside any

dynamic translation to pool 1 (xxx.xxx.xxx.xxx [Interface PAT])

translate_hits = 1520191, untranslate_hits = 174412

match ip inside any _internal_loopback any

dynamic translation to pool 1 (No matching global)

translate_hits = 0, untranslate_hits = 0

match ip inside any outside any

no translation group, implicit deny

policy_hits = 0

Thank you in advance for any help leading to resolving this problem.

-Greg

1 REPLY
Silver

Re: NAT Problems with Accessing the Router ASA 5505

Use this configuration guide .

Cisco ASA 5500 Series Adaptive Security Appliances

http://www.cisco.com/en/US/products/ps6120/tsd_products_support_configure.html

586
Views
0
Helpful
1
Replies
CreatePlease login to create content