
EXTENDED keyword Added automatically in all static NAT after 8.25 to 9.02

AK002
Level 1

Hi Team,

We are facing a serious issue while upgrading our ASA 5585 from 8.25 to 9.01. While converting the code, we are getting the error below:

nat (inside,wan) source static obj-10.x.x.x obj-10.x.x.x extended destination static obj-x.x.x. obj-x.x.x

                                                                                        ^                   

ERROR: % Invalid input detected at '^' marker

But when configuring, we removed that extended keyword and the command was accepted, but when we look at the show configuration, it shows with the extended keyword only.

WANFW01(config)#nat (inside,wan) source static obj-10.x.x.x obj-10.x.x.x  destination static obj-x.x.x. obj-x.x.x

WANFW01#show run | in destination static obj-x.x.x. obj-x.x.x

nat (inside,wan) source static obj-10.x.x.x obj-10.x.x.x extended destination static obj-x.x.x. obj-x.x.x

nat (inside,wan) source static obj-10.x.x.x obj-10.x.x.x extended destination static obj-x.x.x. obj-x.x.x

nat (inside,wan) source static obj-10.x.x.x obj-10.x.x.x extended destination static obj-x.x.x. obj-x.x.x

Can anyone please suggest the Bug ID for this issue?

Model:asa 5585

IOS:asa902-10-smp-k8.bin


Regards,

Arun


1 Reply

Jouni Forss
VIP Alumni

Hi,

There does seem to be a bug.

The Command Reference does state that it is supposed to be a parameter used with Dynamic PAT.

Did a quick test on my own ASA with software versions 9.0(2)10 and 9.0(2).

It seems while normally adding for example a NAT0 type configuration with Twice NAT the ASA does indeed insert the parameter "extended" to a "static" configuration.

When I then boot the software back to 9.0(2) from 9.0(2)10, the ASA shows an error during boot-up and rejects the command that was in the configuration on the newer software.

I didn't find any Bug ID about this sort of problem, so it is either something that is not public or it just hasn't been added to the database? I guess you should either open a TAC case or wait for an answer from a Cisco employee. Naturally, it might be that I have just missed the bug while looking for it.

- Jouni
