September 8, 2008 04:20am pdt

Member Login

Hall of Fame

Yearly

1batry_boy 260,200
2lrmoore 142,650
3dpk_wal 121,527
4RobWill 59,861
5harbor235 54,778
6rsivanandan 50,650
7JFrederic... 47,125
8Cyclops3... 44,576
9Voltz-dk 43,350
10naughton 36,380
11MrHusy 34,750
12from_exp 28,885
13ck459 24,625
14mabutterfi... 24,400
15donjohnston 23,750
16PeteLong 21,800
17mkielar 21,519
18stuknhaw... 21,000
19arnold 20,626
20giltjr 17,710
21_jesper_ 16,575
22Nothing_... 15,000
23raptorjb007 14,800
24mwecom... 14,305
25feptias 14,270

	[x] Attachment Details

Cisco ASA - no translation group found

Zones: Networking Hardware Firewalls, Cisco PIX Firewall

Tags: asa, translation, group, found, cisco

I have a Cisco ASA5510 that's been working fine for over a year now. However, after a reload none of the VPN connections and translations are coming up again. I receive a lot of "%ASA-3-305005: No translation group found for udp src dmz-public:x_web/2861 dst inside:10.11.15.6/53" type syslog messages.

I believe it must be due to some sort of NAT issue, but this was working fine before. I saved the configuration before reloading so it's not an old config either.

Inbound and outbound connections work fine, but it seems that inter-interface traffic is not being passed.

I have the following NAT and global statements:

nat (inside) 1 0.0.0.0 0.0.0.0
nat (dmz-dev) 0 access-list dmz-dev_nat0_outbound
nat (dmz-public) 0 access-list dmz-public_nat0_outbound
nat (dmz-public) 1 0.0.0.0 0.0.0.0
nat (dmz-exch) 0 access-list dmz-exch_nonat
nat (dmz-exch) 1 0.0.0.0 0.0.0.0

global (outside) 1 w.x.y.z

Hoping for quick assistance as my servers are currently not working properly. Any ideas of what could be wrong?

//Magnus

Start your free trial to view this solution

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

8.0

Question Stats

Zone: Computer Hardware

Question Asked By: magnuso

Solution Provided By: grblades

Participating Experts: 2

Solution Grade: B

Translate:

Loading Advertisement...

Open Discussion

Comment by dvandusen

static (inside,dmz-public) 10.11.15.x 10.11.15.x netmask 255.255.255.255

This solution worked for me where the 10.11.15.x was a specific server.
Thanks grblades

20080723-EE-VQP-34 / EE_QW_2_20070628