NAT Issue Cisco ASA 5520

So this is a stupid issue and I know it.

We have a Cisco 5520, and we want to (temporarily) allow traffic from the outside to an internal server that will not live in the DMZ, but on our actual internal LAN. Yes, I know the risk.

The outside IP is 2.3.4.5, which I need to go to 10.2.3.4.
I only need ports 444/445 as well.

When I add an external static I do this:

original:
interface = external
source = 2.3.4.5

translated:
interface = internal
Use IP address = 10.2.3.4

I see traffic come in to my internal box but nothing goes back out.

If I add a reverse of this rule to my internal NAT list as a static, it stays the same. Thoughts?
Asked by: rsvsolutions
 
rsvsolutions (Author) commented:
I figured it out, it was my global NAT pool... didn't have it right :)
 
rsvsolutions (Author) commented:
It's like I can't build the outbound connection back to the external IP.
 
harbor235 commented:

Hmm, you must have the correct rules for the traffic to hit the box, i.e. static, NAT, and ACL. You must have an ACL on the inside interface; make sure the outbound traffic back to the external IP is allowed.

Can you post your config?

harbor235 ;}
Question has a verified solution.