Cannot access Backup interface from inside

When pointing to our Webdefense proxy (port 3178) on backup interface 64.2.113.132 our packets are blocd:

Config
static (inside,backup) 64.2.113.132 192.168.10.12 netmask 255.255.255.255
nat-control
match ip inside host 192.168.10.12 backup any
static translation to 64.2.113.132
translate_hits = 1020, untranslate_hits = 2595
ASA-111608a-config.txt
snchelpdeskAsked:
Who is Participating?
 
donaldchapellConnect With a Mentor Commented:
I would take nat-control off, I have had nightmares trying to use that.
0
 
Pete LongTechnical ConsultantCommented:
Im confused -  whats blocked? you have no outgoing web trafiic?
0
 
snchelpdeskAuthor Commented:
Sorry for the confusion,  we recently switched from a Netgear router that was configure to allow access to an external web defense proxy via port 3128.  With the new ASA setup the traffic seems to be blocked - the only rule I could find to allow hasn't worked:

object-group service Common tcp
 group-object RDP
 group-object TimeClock
 group-object rww
 port-object eq 3128
 port-object eq www
 port-object eq https
 port-object eq pptp
 port-object eq 1471

access-list backup_access_in extended permit tcp any host 64.2.113.130 log errors
access-list backup_access_in extended permit tcp 192.168.10.0 255.255.255.0 192.168.10.0 255.255.255.0
access-list backup_access_in extended permit udp 192.168.10.0 255.255.255.0 192.168.10.0 255.255.255.0
access-list backup_access_in extended permit tcp any host 64.2.113.132 object-group Common log critical

ASA-111708-config.txt
0
 
snchelpdeskAuthor Commented:
I dropped nat-control but my is dependent on it.  I have resolved the issue by setting up a dns entry to the local interface of the server hosting the web defense access.  Off to find an easy way to monitor the ASA traffic - I have another application that wants RPC...  Thank you for your assist.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.