TAsk 4.3 NAT Config

hello christain,

i oberved that for task 4.3 ( ISE CWA) you did a NAT entry for ISE address ( because the requirement states that no route should be created)

ASA 1 ver code is 8.6 but your NAT entry is liek ASA1 was running on ver 8.2

static (INSIDE,DMZ1) 140.1.45.100 172.16.3.100 netmask 255.255.255.255
static (INSIDE,DMZ2) 140.1.45.100 172.16.3.100 netmask 255.255.255.255

and you then created access-list with reference to the MAPPED Address ( which is the way 8.2 would have been created)

access-list DMZ1_IN permit udp host 150.1.11.11 host 140.1.45.100 eq 1645
access-list DMZ1_IN permit udp host 150.1.11.11 host 140.1.45.100 eq 1812

access-list DMZ2_IN permit tcp 140.1.71.0 255.255.255.0 host 140.1.45.100 eq 8443

 

i created by acces-list reference the REAL Addrr

i just want to know why your solution was different

i did get some error like " no valid adjacency"

what does this error mean

 

Comments

  • Hi,

       Could be that script did no properly load the initial configuration. To do the lab, make sure you run 8.2, which could require a manual reload from your side. If you run 8.2, you need to specify the mapped address in ACL. "no valid adjacency" may be due to several reasons, just post the config; still i'm gonna give it my best guess which is that in the NAT rule you have configured a wromg interface.

    Regards,

    Cristian.

Sign In or Register to comment.