No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NAT server failed because of miss-configuration

Publication Date:  2014-04-29 Views:  97 Downloads:  0
Issue Description
USG 5500 version V300R001C00SPC700. 

Customer reported that is trying to configure nat server and configuration it fail to take effect. 

nat server 0 vpn-instance vp1 zone untrust global 1.1.1.1 inside 10.1.1.1 no-reverse vpn-instance vp2

Alarm Information
Ping to internal server via 1.1.1.1 failed.
Handling Process
Nat server having inside address in one vpn-instance and outside ip address into another vpn-instance is not currently supported on USG firewall

We advice to use the working scenario when the server resides in the public VPN, and the client resides in another VPN instance, only one vpn-instance parameter is specified.
For example, nat server vpn-instance vpn1 zone untrust global 1.1.1.1 inside 2.2.2.2.

Or configure nat server for the situation when inside address and outside address reside in the same vpn-instance. 
Root Cause
none
Suggestions
none. 

END