Hi Experts,
I am facing a problem in configuring destination static NAT when
configuring hairpin flow on the ASA firewall.
src: 10.0.0.10 dest : 192.168.1.10 ( NAT IP :172.16.10.10)
When traffic enters the inside interface which needs to be exit the same
interface where the traffic gets into the VPN tunnel.
Hence I have configured the global configuration command to enable hairpin
flow.
*same-security-traffic permit intra-interface*
I think after arriving the trafic, it enters to the tunnel so we don't
require any NAT to allow the incoming traffic and also I don't require
source NAT, need only destination NAT.
I have tried by putting the below statement, but it seems this static
(inside,inside) works for the source NAT but it didn't work for the
destination NAT. Pls help me, Any idea would really appreciate...
static (inside,inside) 172.18.20.10 192.168.1.10 netmask
255.255.255.255 ( not working)
static (inside,inside) 192.168.1.10 172.18.20.10 netmask
255.255.255.255 ( not working)
Thanks & Regards
*Sathish...*
Blogs and organic groups at http://www.ccie.net
Received on Mon May 25 2009 - 21:42:29 ART
This archive was generated by hypermail 2.2.0 : Mon Jun 01 2009 - 07:04:43 ART