I have an internal secure network that my client wants to put on his network but still keep it secured so only certain machines can access it. So I have set up a Cisco ASA to sit between the two networks. However I can't get it to work right. I know I have done something wrong, but I can't seem to figure it out. I have four machines that the techs use and those machines have static IP addresses now. They are supposed to be allowed inside the network, but when I have the rules setup Packet Tracer says the packets won't go through. Diagram of network setup. From what I thought I did, any device that is in the CL_Workstations should be allowed through on the Secure_Ports ports to the NAT'ed IPs. Cisco Config Any ideas what I did wrong.