Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7523
Views
15
Helpful
4
Replies

ASA 5510 - ERROR: NAT Policy is not downloaded

Go to solution
Difan Zhao
Level 5
Level 5

‎04-12-2013 09:40 PM - edited ‎03-11-2019 06:27 PM

Hi experts,

I removed my object by mistake and I can't add it back anymore... It keeps giving me this error...

The config was like

object network Prod-100-HTTPS

host 10.26.231.100

nat (inside,outside) static x.x.x.152 service tcp https 6440

Now I can have the object created with the host however for some reason I can't apply the nat configuration to it...

fw-01(config-network-object)#nat (inside,outside) static x.x.x.152 service tcp https 6440  

ERROR: NAT Policy is not downloaded

Also there is no in-use NAT entry for this IP...

fw-01(config)# sh nat 10.26.231.100 detail

No matching NAT policy found

This is really frustrating... I think it is because I "removed" the object before removing the NAT config... Anyway to fix this??

Thanks!

2 people had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni

‎04-13-2013 12:04 AM

Hello Difan,

This is a known behavior for me,

To fix it right now:

1) Copy all the existing nat config

2) do clear configuration nat

3) configure all the nat statements again ( paste )

I know it sounds add but the thing is that the NAT process on the ASA got stuck ( being there done that )

Remember to rate all of the helpful posts

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

4 Replies 4

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni

‎04-13-2013 12:04 AM

Hello Difan,

This is a known behavior for me,

To fix it right now:

1) Copy all the existing nat config

2) do clear configuration nat

3) configure all the nat statements again ( paste )

I know it sounds add but the thing is that the NAT process on the ASA got stuck ( being there done that )

Remember to rate all of the helpful posts

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Go to solution
Difan Zhao
Level 5
Level 5
In response to Julio Carvajal

‎04-13-2013 03:55 PM

Thanks very much Julio. I hope this is considered as bug and will be fixed in future release...

0 Helpful

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni
In response to Difan Zhao

‎04-13-2013 04:08 PM

Hello,

Glad to hear that

Regards

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

Go to solution
Michael Muenz
Level 5
Level 5
In response to Julio Carvajal

‎10-01-2013 01:15 PM

Which version is/was affected? I'm running 8.4.5 and hit the same.

Is this already fixed with 8.4.6 or 7?

Michael

Please rate all helpful posts

Michael Please rate all helpful posts
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card