Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
604
Views
0
Helpful
3
Replies

C1101-4p skipping a line in startup config

thomaspbjr
Level 1
Level 1

‎06-01-2020 09:07 AM

I have a C1101-4p that keeps skipping a static IP/port mapping when it reloads. Please see example of the line below

 

ip nat inside source static tcp x.x.x.x 443 x.x.x.x 443 extendable

 

This is the first line of the static mappings. It will load the 5 lines immediately following, including another line for the same IP address involving a different port. Each time the router reloads I have to manually enter this configuration. 

Labels:
0 Helpful
3 Replies 3

Georg Pauwen
VIP
VIP

‎06-01-2020 11:16 AM

Hello,

 

you could be hitting the bug below:

 

Reorder ip nat configuration - to be placed after ip http configuration
CSCvn67870
Description
Symptom:
Upon reboot, while the device is loading the configuration we see the following error "%Port 443 is being used by system". The happens upon every reload whenever static NAT for tcp port 443 is configured even though the HTTPS secure port is changed to 9999.

Conditions:
Router configured with local HTTPS server on non-default port.

ip http secure-server
ip http secure-port 9999

Static NAT using port TCP 443 is configured

ip nat inside source static tcp 172.16.0.1 443 192.168.0.1 443 extendable

Workaround:
- Reconfigure the static NAT entry for TCP 443 after every reboot.
While this is valid to a certain degree, due to CSCvn67837 - 4 minute caveat and with the usability and ease of configuration aspects, this is not a very good workaround
but yes #3 is a workable solution that has been used by some other customers while they got the actual fix

- Use EEM script to reconfigure the static NAT entry for TCP 443 after reboot.
This is a good workaround for customers to use,

0 Helpful

Georg Pauwen
VIP
VIP
In response to Georg Pauwen

‎06-01-2020 11:27 AM

The EEM script mentioned in the bug would look like this:

 

event manager applet STATIC_NAT
event syslog pattern "SYS-5-RESTART"
event timer countdown time 30
action 1.0 cli command "enable"
action 2.0 cli command "config terminal"
action 3.0 cli command "ip nat inside source static tcp x.x.x.x 443 x.x.x.x 443 extendable"
action 4.0 cli command "end"
action 5.0 cli command "write"

0 Helpful

thomaspbjr
Level 1
Level 1
In response to Georg Pauwen

‎06-05-2020 05:58 PM

I've written the following applet but it will not run on reboot
event manager applet fixnat event timer countdown time 30 action 1.0 cli command "enable" action 2.0 cli command "config terminal" action 3.0 cli command "ip nat inside source static tcp x.x.x.x 443 x.x.x.x 443 extendable" action 4.0 cli command "end"
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card