• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 5263
  • Last Modified:

ASA 7.2 5510 portmap translation creation failed for tcp src inside

Hi ive got a NAT problem, the asa shows up a the error: "portmap translation creation failed for tcp src inside" when trying to access a specific lan, here are the network config
OUTSIDE is xx.xx.xx.xx
TEMPNET is > NET behind tempnet is /24
The Problem is i have only 2 IPs i can use in Tempnet, so i have to NAT all my internal IPs to 1 IP from the TEMPNET, TEMPNet is provided by another company and got its own router which forwards pakets into several foreign networks, to prevent routing issues (tempnet routers dont know routes into my local net) i need to nat all my local ips to lets say
I added a route for example route tempnet /24 (1.2 is the router from the TEMPNET).
Now here are my nat / global / statements:
access-list NAT_TEMP permit ip
access-list NAT_ANYDESTINATION permit ip any
nat (inside) 1 access-list NAT_ANYDESTINATION
nat (inside) 2 access-list NAT_TEMP
global (inside) 1 interface
global (tempnet) 2 interface

when trying to access i receive the errorcode: portmap translation creation failed..
when i change this:
no nat (inside) 2 access-list NAT_TEMP
no global (tempnet) 2 interface
global (tempnet) 1 interface

it works like a charm, but why isnt it working with the other config, lets say i want to split it more up and work with more then 1 nat rules based on source and destination it wont work, why do i cannot use multiple nat/global statements?

1 Solution
The way you have it, traffic hits nat rule 1  before rule 2 it always matches rule1

You can try this:
nat (inside) 10 access-list NAT_ANYDESTINATION
nat (inside) 2 access-list NAT_TEMP
global (outside) 10 interface
global (tempnet) 2 interface
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Increase Security & Decrease Risk with NSPM Tools

Analyst firm, Enterprise Management Associates (EMA) reveals significant benefits to enterprises when using Network Security Policy Management (NSPM) solutions, while organizations without, experienced issues including non standard security policies and failed cloud migrations

Tackle projects and never again get stuck behind a technical roadblock.
Join Now