Hi Alex,This not a bug in the code. The issue here is that the real port in both cases is the same i.e, 2222. On ASA versions 8.3 and above the access-list uses the real ports and IP addresses to allow traffic to an internal host.Having configured bo...
That is absolutely correct! This is mentioned in the configuration guide for the ASA -http://tools.cisco.com/squish/55AC0The first "note" on this link mentions the following -DNS rewrite is not applicable for PAT because multiple PAT rules are applic...
Hi Daniel,I think the issue that you see here is because of two reasons -a) the mapped IP in your case is the outside interface IP address and in this scenario you would expect to see the traffic getting dropped with the syslog message you mentioned....
Hi Mahesh,You would need a Security Plus license on the ASA 5505 to make use of this feature on the ASA.As you can see in the output above, the following line -Dual ISPs : DisabledThis would be enabled on applying the Security Pl...
Ok. What about the hosts that you are sourcing the ping from, are they also on the DMZ?Assuming that the host you are sourcing the ping from is also on the DMZ, let's apply captures on the DMZ interface as below -host ip x.x.x.x#cap capi interface DM...