Solved: Re: CISCO ROUTER COMMAND IP NAT SOURCE AUTOMATICALLY MISSING - NO REBO

Kvint77 · ‎03-30-2022

Hi i still wondering what happen in my cisco router,

my command automatically deleted by router, i'm not doing anything not even reload the router.

Please help.
the command is

ip nat source ip addr1 ip addr2 extendable.

Thank you

paul driver · ‎04-01-2022

Hello
It could be your rtr doesn't really support NVI nat even though the commands are available.

If you want to hairpin then you can still do this with classic nat (inside/outside domains) its a bit more complex to setup but it does work.

Example

int loopback 10
ip address 169.1.255.254 255 255.255.255
ip nat inside

route-map Hairpin
set interface loopback10

ip access-list extended PAT
deny ip 10.0.0 0 0.15.255.255 10.0.0.0 0.15.255.255
permit ip 10.10.9.0 0.0.0.255 any
permit ip 10.20.0.0 0.0.255.255 any

ip access-list extended hairping
permit ip 10.10.9.0 0.0.0.255 host 10.10.9.109
permit ip 10.20.0.0 0.0.255.255 host 10.10.9.109

ip nat inside source list PAT GigabitEthernet0
ip nat inside source list hairping GigabitEthernet0
ip nat inside source static 10.10.9.109 139.255.48.152

interface GigabitEthernet0/0
description WAN
ip nat outside

interface GigabitEthernet0/1
description LAN
ip nat outside
ip policy route-map Hairpin
no ip redirects

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

MHM Cisco World · ‎04-01-2022

there are bug make NAT disappear like below one,
what is your IOS Ver.?
https://quickview.cloudapps.cisco.com/quickview/bug/CSCsi30964

View solution in original post

Leo Laohoo · ‎03-30-2022

Post the complete output to the following commands:


1.  sh version

2.  dir

Kvint77 · ‎03-30-2022

Thank you for your reply Mr Leo,
because i am accessing the router by remote, sorry if the config is shown by picture.

Dir

Show Version

Leo Laohoo · ‎03-30-2022

The router has an uptime of 1 week so this means it did not crash.

Kvint77 · ‎03-30-2022

yes, but the command

ip nat source static 10.10.12.189 139.255.48.198 extendable

got deleted automatically, i don't know why.
it cause network error after it missing.

Leo Laohoo · ‎03-30-2022

Update the firmware of the router.

MHM Cisco World · ‎03-31-2022

...

paul driver · ‎03-31-2022

Hello

Does you router even support domainless nat

Have you tried domain nat instead?

ip nat inside source static x.x.x.x x.x.x.x

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Kvint77 · ‎03-31-2022

Hello Paul, thanks for replying.
How to check it? my router version is 15.4(3).M3

MHM Cisco World · ‎03-31-2022

ip nat inside source static 
ip nat source static 

what is the different??

1-first one is apply to physical interface,
you config 
ip nat inside source static 
then 
ip nat inside 
ip nat outside 

2-seocnd is apply to virtual interface, 
so in global mode 
config the 
ip nat source static 
that it no need more.

I think you config 
ip nat source static 
then you config 
ip nat inside 
ip nat outside

and that make NAT disappear.

please check this point

Kvint77 · ‎03-31-2022

my config before is using

 ip nat inside source..

however, i need my server to be able access server public ip (i map it to virtual IP) internally.

following this tips:
https://community.cisco.com/t5/routing/how-to-do-nat-reflection-nat-hairpin-on-a-cisco-1800-router/td-p/2754725
it all worked as i need but the command

ip nat source ...

its like got deleted automatically around 3-4 hours after i write the command.

already set

no ip nat inside for int g0/0 and no ip nat outside for int g0/1

Kvint77 · ‎03-31-2022

interface GigabitEthernet0/0

 no ip nat outside

 no ip redirects

 ip nat enable

!

interface GigabitEthernet0/1

 no ip nat inside

 no ip redirects

 ip nat enable

!

ip access-list extended NAT

 permit ip 10.10.9.0 0.0.0.255 any

 permit ip 10.20.0.0 0.0.255.255 any

!

ip nat source static 10.10.9.109 139.255.48.152 extendable

ip nat source list NAT interface GigabitEthernet0 overload

!

end

MHM Cisco World · ‎04-01-2022

there are bug make NAT disappear like below one,
what is your IOS Ver.?
https://quickview.cloudapps.cisco.com/quickview/bug/CSCsi30964

paul driver · ‎04-01-2022

Hello
It could be your rtr doesn't really support NVI nat even though the commands are available.

If you want to hairpin then you can still do this with classic nat (inside/outside domains) its a bit more complex to setup but it does work.

Example

int loopback 10
ip address 169.1.255.254 255 255.255.255
ip nat inside

route-map Hairpin
set interface loopback10

ip access-list extended PAT
deny ip 10.0.0 0 0.15.255.255 10.0.0.0 0.15.255.255
permit ip 10.10.9.0 0.0.0.255 any
permit ip 10.20.0.0 0.0.255.255 any

ip access-list extended hairping
permit ip 10.10.9.0 0.0.0.255 host 10.10.9.109
permit ip 10.20.0.0 0.0.255.255 host 10.10.9.109

ip nat inside source list PAT GigabitEthernet0
ip nat inside source list hairping GigabitEthernet0
ip nat inside source static 10.10.9.109 139.255.48.152

interface GigabitEthernet0/0
description WAN
ip nat outside

interface GigabitEthernet0/1
description LAN
ip nat outside
ip policy route-map Hairpin
no ip redirects

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Kvint77 · ‎04-01-2022

Hi Paul, thank you so much for your help.
i am trying to apply your example. its same as NVI let me check it. hope it works more stable
thank you Paul.

CISCO ROUTER COMMAND IP NAT SOURCE AUTOMATICALLY MISSING - NO REBOOT