No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>


To have a better experience, please upgrade your IE browser.


NAT server failed because of miss-configuration

Publication Date:  2014-04-29 Views:  107 Downloads:  0
Issue Description
USG 5500 version V300R001C00SPC700. 

Customer reported that is trying to configure nat server and configuration it fail to take effect. 

nat server 0 vpn-instance vp1 zone untrust global inside no-reverse vpn-instance vp2

Alarm Information
Ping to internal server via failed.
Handling Process
Nat server having inside address in one vpn-instance and outside ip address into another vpn-instance is not currently supported on USG firewall

We advice to use the working scenario when the server resides in the public VPN, and the client resides in another VPN instance, only one vpn-instance parameter is specified.
For example, nat server vpn-instance vpn1 zone untrust global inside

Or configure nat server for the situation when inside address and outside address reside in the same vpn-instance. 
Root Cause