Background: after looking at the document I will tell you that the scenario is the FEP_server initiates communications to the 22.214.171.124 tcp 4113 router. We use this as a backup and I know for a fact it worked before adding the RockyPH-transparent-fw and the FEP-transparent-FW. This testing was done when the SY_Firewall went in and everything worked. Several months ago the RockyPH-transparent-fw was installed. Today the FEP-transparent-FW was installed and we started testing this backup communications link and it would not work. I noticed the syslog in the SY_firewall saying 'icmp block src: 126.96.36.199 to 172.19.0.1'....I don't know why the RockyPH-tran-fw would be trying to ping the server????? So I added ace to both interfaces (inside/outside) to allow traffic between 172.19.0.1 and 188.8.131.52 and everything started working!! Why would I have to add those ACE to make this work??
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...