Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.
During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.
We apologize for the inconvenience while we perform important updates to the Community.
I am starting over with a drawing.
The user out in the cloud is a client who wants to connect to https://www.help.megacorp.net:9443
Then I want the ASA do PAT on 9443 to 443 and forward that traffic to the host in the LAN (10.100.37.21)
help.megacorp resolves to 188.8.131.52
The logs on the router and ASA5520 show nothing. I must have something basically wrong.
If you need more detail from the config let me know.
Thanks a million,
Translation error gone....return traffic get to ASA now. But now I am getting:
Deny TCP reverse path check from 184.108.40.206 to 172.31.1.4 on interface outside_edgert_vlan10
Totally lost now....
This is the lastest drawing:
The traffic get translated fine at the ASA5520 coming in and gets to the 10.100.37.21 host. The return traffic gets to the ASA and thats when I see that error.
Just for fun I removed the statement:
ip verify reverse-path interface outside
And no change in behavior, however the ASA generates no errors.
I do not understand - your original posting was for help.megacorp.net ?
If you cannot change the acl/static nat on the asa - then then only thing I can suggest to you, is you must debug and troubleshoot.
And ehcek the forums for simular postings.
Sorry that was a typo ... I mean to say help.megacorp.net ....
I will keep banging my head on this and if I discover what the problem is I will let everyone know ..
Thanks for your help. I appreciate it very much.