Having probles nating in cisco asa 8.4

Hi,

For some reason, my nats doesnt work. This is my first attempt at configuring a post 8.3 asa.

Relevant config afaik:

object network vent1
 host 192.168.0.122

access-list outside_access_in extended permit tcp host 82.xx.xx.xx object vent1 eq www

object network vent1
 nat (inside,outside) static interface service tcp www www


According to the syslog it works when I try to connect (from my office ip to my clients ip, which both starts with 82.xx) My web-browser fails the connection though - and the web site works fine from the inside.

6      Aug 29 2013      07:01:53            82.xx.xx.xx 30454      192.168.0.122      80      Built inbound TCP connection 65875 for outside:82.xx.xx.xx/30454 (82.xx.xx.xx/30454) to inside:192.168.0.122/80 (82.xx.xx.xx/80)

I must be overlooking something, but i have no idea what. Any thoughts?
LVL 1
daxa78Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

rauenpcCommented:
In 8.4 code, the access lists are real-IP access lists which is opposite of 8.2 and prior. Your outside acl should use the 'vent1' object instead of 82.x.x.x.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Pete LongTechnical ConsultantCommented:
You only want to allow 1 IP address to the web server?
0
anoopkmrCommented:
try like this

no access-list outside_access_in extended permit tcp host 82.xx.xx.xx object vent1 eq www
access-list outside_access_in extended permit tcp any object vent1 eq www
access-group outside_access_in in interface outside
0
daxa78Author Commented:
Figured it out. The guys who set up the servers i tried to reach didnt configure gateway in tcp/ip settings.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Cisco

From novice to tech pro — start learning today.