cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
490
Views
0
Helpful
1
Replies

Cisco ASR1K CGNAT not Working

patcbr600
Beginner
Beginner

Hi all,

 

I have configured a cisco ASR1K for CGNAT and it only works for UDP traffic, is there any specific config that needs to be made to have TCP work for CGNAT ?

 

Config:

 

CGNAT#show run interface gigabitEthernet 0/1/0.220
Building configuration...

Current configuration : 122 bytes
!
interface GigabitEthernet0/1/0.220
encapsulation dot1Q 220
ip address 172.16.20.254 255.255.255.0
ip nat inside
end

CGNAT#show run interface gigabitEthernet 0/1/0.162
Building configuration...

Current configuration : 122 bytes
!
interface GigabitEthernet0/1/0.162
encapsulation dot1Q 162
ip address 172.16.2.140 255.255.255.0
ip nat outside
end

 

ip nat settings mode cgn
no ip nat settings support mapping outside
ip nat log translations flow-export v9 udp destination 172.16.20.142 59999 source GigabitEthernet0
ip nat translation timeout never
ip nat translation tcp-timeout never
ip nat pool CGNAT 172.16.2.140 172.16.2.140 netmask 255.255.255.0
ip nat inside source list 2 pool CGNAT overload

 

Thanks

 

1 Reply 1

Harold Ritter
Cisco Employee
Cisco Employee

It would be better to use the following configuration since the pool you defined only contains the address assigned to the outside interface.

 

ip nat inside source list 2 interface GigabitEthernet0/1/0.162 overload

 

Could you also post the ACL 2 that you use for the "ip nat inside" statement

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers