[c-nsp] Global nat issue (asa 5550)
Bunny Singh
jump2fly82 at yahoo.com
Thu Apr 1 09:48:46 EDT 2010
Hi,
We have a asa 5550, on which i am trying to do the global nat but not able to get the success. I am getting the error message " port translation creation failed for tcp src inside" .
following are the configuration i have done on asa:--
global (outside) 3 220.0.0.1
nat (inside-test) 3 access-list hidenat
access-list inside-test extended permit tcp host 10.0.0.2 any eq www log (access list map with the interface)
access-list inside-test extended permit tcp host 10.0.0.3 any eq www log (access list map with the interface)
access-list hidenat extended permit ip host 10.0.0.2 any
access-list hidenat extended permit ip host 10.0.0.3 any
Security level:--
inside-test security-100
outside security-0
(10.0.0.* is my internal IP, 220.0.0.* advertised to public internet).
If i do the static nat, there will be no issue. So how do i correct this issue?
Bunny
More information about the cisco-nsp
mailing list