We are hitting port exhaustion on our single-address NAT. Trying to change the NAT object to a range results in loss of connectivity.
It works when I run it as:
nat (Inside,Outside) after-auto source dynamic INSIDE_SUBNETS interface
But not when I run it as
nat (Inside,Outside) after-auto source dynamic INSIDE_SUBNETS OUTSIDE_NAT_POOL
Pool config:
sh run obj net in | incl NAT_POOL object network OUTSIDE_NAT_POOL range 1.2.3.4 1.2.3.5
Where am I going wrong? There are several other after-auto NATs that are working correctly, but are all configured with a single IP or configured to use the interface.
No comments:
Post a Comment