Hi ,
After doing the configuration as mentioned in the workbook, R3 cannot ping CA-server mapped IP ( 150.51.0.100).
Below are the logs from R3, ASA2..
Please advice..
ASA2 config:
object network CA-Server
host 10.0.1.100
object network CA-Trans
host 150.51.0.100
access-list WWW extended permit tcp any host 10.0.1.100 eq www
pager lines 24
mtu Outside 1500
mtu Inside 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
!
object network CA-Server
nat (Inside,Outside) static 150.51.0.100 dns
access-group WWW in interface Outside
!
Captures from ASA2 Inside interface:
ASA2(config)# sh capture IN
798 packets captured
1: 22:24:33.173712 802.3 encap packet
2: 22:24:34.032682 10.0.1.3 > 150.51.0.100: icmp: echo request
3: 22:24:34.190313 10.0.1.12 > 224.0.0.5: ip-proto-89, length 52
4: 22:24:34.874527 10.0.1.3 > 224.0.0.5: ip-proto-89, length 64
5: 22:24:35.204731 802.3 encap packet
6: 22:24:35.972438 10.0.1.3 > 150.51.0.100: icmp: echo request
7: 22:24:37.106241 802.3 encap packet
8: 22:24:37.908125 10.0.1.3 > 150.51.0.100: icmp: echo request
9: 22:24:39.098032 802.3 encap packet
10: 22:24:39.979411 10.0.1.3 > 150.51.0.100: icmp: echo request
11: 22:24:41.161826 802.3 encap packet
12: 22:24:41.984415 10.0.1.3 > 150.51.0.100: icmp: echo request
13: 22:24:42.437340 10.0.1.100 > 224.0.0.5: ip-proto-89, length 64
14: 22:24:43.162589 802.3 encap packet
15: 22:24:44.017470 10.0.1.3 > 150.51.0.100: icmp: echo request
16: 22:24:44.190221 10.0.1.12 > 224.0.0.5: ip-proto-89, length 52
17: 22:24:44.935345 10.0.1.3 > 224.0.0.5: ip-proto-89, length 64
18: 22:24:45.188390 802.3 encap packet
19: 22:24:47.217243 802.3 encap packet
20: 22:24:49.146904 802.3 encap packet
21: 22:24:51.237994 802.3 encap packet
22: 22:24:52.453025 10.0.1.100 > 224.0.0.5: ip-proto-89, length 64
23: 22:24:53.239169 802.3 encap packet
24: 22:24:53.884628 10.0.1.3.51838 > 150.51.0.2.53: udp 21
25: 22:24:53.898375 150.51.0.2.53 > 10.0.1.3.51838: udp 37
26: 22:24:53.924360 10.0.1.3 > 150.51.0.100: icmp: echo request
27: 22:24:54.190313 10.0.1.12 > 224.0.0.5: ip-proto-89, length 52
28: 22:24:55.010985 10.0.1.3 > 224.0.0.5: ip-proto-89, length 64
29: 22:24:55.341245 802.3 encap packet
From R3
R3#sh run | i ip
no ip icmp rate-limit unreachable
ip tcp synwait-time 5
ip cef
ip name-server 150.51.0.2
ip address 10.0.1.3 255.255.255.0
R3#ping WWW
Translating "WWW"...domain server (150.51.0.2) [OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.51.0.100, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R3#