Hi,
I have recently 'inherited' the network role at work and have come across this problem which I hope you knowledgeable can help me with.
We have a ASA 5505 with a Security Plus package which, in theory, has a combined capacity of up to 25 VPN users. However, in practise it seems only two people are able to log on at any one time. When the third users logs on, the next IP address, within the defined IP pool, is correctly assigned but when they try to connect via Rempte Desktop it eventually times out. Upon checking the logging monitor it says something like...
Expalnation:
'%PIX|ASA-3-305005: No translation group found for protocol src interface_name:dest_address/dest_port dst interface_name:source_address/source_port'
A packet does not match any of the outbound nat command rules.
Recommended Action:
This message indicates a configuration error. If dynamic NAT is desired for the source host, ensure that the nat command matches the source IP address. If static NAT is desired for the source host, ensure that the local IP address of the static command matches. If no NAT is desired for the source host, check the ACL bound to the NAT 0 ACL.
Please note I do not have a firewall/security background, as mentioned earlier this role was 'inherited' so could you explain exactly what this means in clear & simple terms.
Thanks in advance.
Regards.
I have recently 'inherited' the network role at work and have come across this problem which I hope you knowledgeable can help me with.
We have a ASA 5505 with a Security Plus package which, in theory, has a combined capacity of up to 25 VPN users. However, in practise it seems only two people are able to log on at any one time. When the third users logs on, the next IP address, within the defined IP pool, is correctly assigned but when they try to connect via Rempte Desktop it eventually times out. Upon checking the logging monitor it says something like...
Expalnation:
'%PIX|ASA-3-305005: No translation group found for protocol src interface_name:dest_address/dest_port dst interface_name:source_address/source_port'
A packet does not match any of the outbound nat command rules.
Recommended Action:
This message indicates a configuration error. If dynamic NAT is desired for the source host, ensure that the nat command matches the source IP address. If static NAT is desired for the source host, ensure that the local IP address of the static command matches. If no NAT is desired for the source host, check the ACL bound to the NAT 0 ACL.
Please note I do not have a firewall/security background, as mentioned earlier this role was 'inherited' so could you explain exactly what this means in clear & simple terms.
Thanks in advance.
Regards.
