asa 5505 not nat problem

Discussion in 'Cisco' started by richard pijlgroms, Mar 27, 2008.

  1. Hello,

    We try to install a 5505 with no nat-control. We have public addresses
    (subnet) for outside and public for inside. But we cannot route between
    the two interfaces. We turn off nat-control and we removed all nat
    lines.
    We put in an ACL to allow traffic from outside to inside. (outside sec=0
    inside sec=100) But in the syslogs we get the message while doing an
    ping or trace from the ASDM tools: unable to get next hop for
    xx.xx.xx.xx where xx is on our inside interface. We only put in a static
    route for the outside interface. 0.0.0.0/24 to next hop.

    The asa is on a dmz_restricted license. Can that be the problem ? Or are
    we missing something ??

    We are using pix 506 for a while like this but the asa is a little
    different in this
     
    richard pijlgroms, Mar 27, 2008
    #1
    1. Advertisements

  2. 1 strange behauvior: we opened up the telnet on the outside interface
    but we get connected but no login string.

    asdm works perfect, we can manage only from outside.
     
    richard pijlgroms, Mar 27, 2008
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.