Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 394
  • Last Modified:

Cisco ASA 5520 seems to be bypassing PAT statement

I am in the process of converting our ASA 5520 from 7.2 to 8.3.2 and everything has worked except for my PAT from inside to DMZ.  

in 7.2 we had:
global (dmz) 1 192.168.0.10

In 8.3.2 I converted it to:
object network dmz_net
   subnet 0.0.0.0 0.0.0.0
   nat (inside,dmz) dynamic 192.168.0.10


From what I understand that should be the same as before, but when I test this config the PAT is just bypassed and my real IP's are hitting the DMZ.  Granted I know that by design the ASA is working as it should but pushing the real IP's, but the DMZ servers all have an internal network address which is causing a loop.  So I need this PAT "bandaid" to work so I can slowly change to allow my real IP's.  Any help would be great so I can try to figure out this problem.
0
Kishwaukee
Asked:
Kishwaukee
  • 3
1 Solution
 
asavenerCommented:
Can you provide your full config?
0
 
KishwaukeeAuthor Commented:
what part do you want to look at?  I would rather not post the whole config, it is very long.
0
 
KishwaukeeAuthor Commented:
The issue resolved itself with time.  Not sure why it took a day for the stuff to work but it is now working.
0
 
KishwaukeeAuthor Commented:
I resolved it myself, well it resolved it on its own.
0

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now