Hall of Fame

1. JFrederic...459,465
2. MikeKane299,205
3. lrmoore297,968
4. ikalmar186,760
5. 3nerds173,965
6. asavener135,520
7. PeteLong132,501
8. bignewf107,905
9. Voltz-dk102,615
10. nodisco86,087
11. MrHusy80,063
12. kenboonejr75,275
13. jodylemoine67,552
14. ccie2292159,700
15. that1guy1549,812
16. ricks_v49,349
17. rsivanandan48,563
18. RPPreacher46,718
19. stsonline46,325
20. debuggerau43,450
21. Cyclops3...41,004
22. Donboo38,930
23. rochey2...38,714
24. Quori38,050
25. egyptco36,150

1. lrmoore2,923,121
2. batry_boy1,055,485
3. JFrederic...654,665
4. PeteLong477,334
5. rsivanandan404,347
6. MikeKane385,826
7. nodisco363,574
8. grblades351,435
9. Voltz-dk335,524
10. MrHusy334,309
11. Cyclops3...262,318
12. calvinetter254,590
13. ikalmar186,760
14. 3nerds173,965
15. harbor235163,330
16. asavener135,520
17. bignewf130,085
18. RPPreacher122,741
19. tim_holman120,177
20. mkielar116,985
21. keith_ala...113,219
22. _jesper_109,205
23. carribeant...108,132
24. Pugglewu...89,432
25. decoleur83,309

	[x] Posted via EE Mobile
	Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.

Question

	[x] Attachment Details

Nat and transparent firewall issue - cisco ASA

Asked by heathcote123 in Cisco PIX Firewall, Enterprise Firewalls, Networking Hardware Firewalls

Tags: cisco, asa, 5500

Big thanks to anyone that can help with this:

I have the following situations:

A load-balancing router performing NAT from a public interface to a private one (172.27.0.0). It has a translation from x.x.x.x to 172.27.0.12.

Behind this is a server and a few PC's. A A cisco asa doing transparent firewalling is also present between the switch and one server (172.27.0.12)

The server is on the same subnet and is seperated from the LAn with the cisco.

The aim is to be able to access the web server publically and from the lan.

Currently I have an 'allow ip any any' on both interfaces.

I can access the web server from 172.27.0.x without problems, but when I try to access it externally, it does not connect.

A 'show conn' sees the attempted connection with a flag of SaAB - suggesting a problem with the syn/ack bit.

Any clues?

View the Solution FREE for 30 Days

	Title
1	ASA 5510 question
2	cisco asa 5505 VPN issue
3	ASA 5510 config questions
4	Easy VPN connection problems to Cisc…
5	ASA 5510, cannot receive mails
6	Cisco 1841 routing problem