Re: Cannot remove NAT statements

Furry411 · ‎07-06-2017

I am trying to clean up the NATing to setup a VPN, but the Nats are overwritting the no nat statements. I am trying to clean them to by adding the

source dynamic any interface. The firewall is wanting me to remove them, and I cannot find anything online that points me to the right direction. Any help would be appreciated.

nat (inside,outside) dynamic x.x.x.x

and

nat (Hostnet,outside) dynamic interface

every time i try to remove it i get this

no nat (inside,outside) dynamic x.x.x.x

ERROR: % Invalid input detected at '^' marker.

no nat (Hostnet,outside) dynamic interface

ERROR: % Invalid input detected at '^' marker.

Cheers

prashant dwivedi · ‎07-06-2017

First you need to clear the existing NAT entries associated with the configuration that you want to remove.

Clear Xlate < host/subnet>

Furry411 · ‎07-06-2017

I have cleared all the xlates from the interface Hostnet, then shut down the interface and still it is not letting me delete the NAT statement.

prashant dwivedi · ‎07-07-2017

should we try below ?

1- clear configuration NAT

2- remove the interface configuraiton

3- then remove the NAT config..

Spooster IT Services · ‎07-07-2017

Hi Furry411@gmail.com,

These NAT entries are under object configuration. You cannot remove it from global mode. You need to go to object configuration mode first by issing the command:

object network <WORD>
no nat (inside,outside) dynamic x.x.x.x

object network <WORD>
no nat (Hostnet,outside) dynamic interface

Spooster IT Services Team

3656089 · ‎04-20-2020

for example,

object network obj-10.40.40.100
host 10.40.40.100
nat (inside,outside) static 30.30.30.30 dns

to remove the NAT entry,

object network obj-10.40.40.100
no nat (inside,outside) static 30.30.30.30 dns