Re: Broken NAT

Sandip Barot · ‎03-22-2013

Hi,

I have a cisco router 2612 where NAT is defined as below

ip nat inside source static tcp 192.168.1.63 80 175.x.x.x 80 extendable

It appears that after sometime (may be in few hours) the NAT is broken and I no longer can access the server over port 80 externally.

Only way to reconnect it is remove and add command back :

Router # no ip nat inside source static tcp 192.168.1.63 80 175.x.x.x 80 extendable

and then

Router # ip nat inside source static tcp 192.168.1.63 80 175.x.x.x 80 extendable

Can anyone please help in suggesting troubleshooting above ?

Thanks

Sandip

paul driver · ‎03-24-2013

Hello Sandip
When you say it appears nat is broken can you be more explicit?

Also can please post your config.

Res
Paul

Sent from Cisco Technical Support iPad App

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

johnlloyd_13 · ‎03-24-2013

hi,

this usually happens when there's too many NAT table entries and due to a low router memory.

could you monitor again and post show ip nat translations and show memory statistics history if the problem re-occurs?

anisaini · ‎03-24-2013

perform following steps to further isolate the issue.

1. check if the nat translation is happening

2. check if there is actual traffic matching nat

3. debug the ip nat and check if translations happening(logg to buffer or with ACL)

4. check if the intended traffic hits the interface where inside nat configured(usin ACL)

5. check if the routing table points to the same exit interface where the nat outside is configured.

6. also check if there is any assymetric routing.