Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
826
Views
10
Helpful
7
Replies

Firewaal - NAT binding configuration erases

Fouard
Level 1
Level 1

‎08-31-2022 04:56 PM

Dear experts,

My company runs a vpn through a firewall. For far too long I have observed that the NAT binding erases when the firewall loses  power or when restarted. I have to reconfigure it all the time when this occurs. Please help.

Thanks in advance.

Labels:
7 Replies 7

balaji.bandi
Hall of Fame
Hall of Fame

‎09-01-2022 03:19 AM

Active NAT Sessions will be gone - if you mean confirm lost ?

what Firewall and Code running on the Firewall. have you saved the config after NAT confiuration done, show us some example document.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Fouard
Level 1
Level 1
In response to balaji.bandi

‎09-02-2022 05:58 PM

Many thanks for your reply. I do save the configuration after but the issue remains persistent . 

MHM Cisco World
VIP
VIP
In response to Fouard

‎09-02-2022 06:05 PM

are you run HA ? I think the active FW sync config with standby and if active dont safe the config then standby will not get copy of NAT config. 

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to Fouard

‎09-03-2022 12:09 PM

what Firewall and Code running on the Firewall. have you saved the config after NAT confiuration done, show us some example document.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Fouard
Level 1
Level 1

‎09-05-2022 03:21 AM

Below is the firewall NAT configuration when working fine. As communicated earlier, after a power loss or reboot of the firewall, the configuration wipes out and have to be redone!

# show nat inSIDE1
match ip INSIDE1 10.117.0.0 255.255.255.0 OUTSIDE 10.109.10.0 255.255.255.0
static translation to 10.18.117.0
translate_hits = 66, untranslate_hits = 0
match ip INSIDE1 10.0.1.0 255.255.255.0 OUTSIDE 10.109.10.0 255.255.255.0
static translation to 10.18.117.0
translate_hits = 0, untranslate_hits = 0
match ip INSIDE1 10.0.2.0 255.255.255.0 OUTSIDE 10.109.10.0 255.255.255.0
static translation to 10.18.117.0
translate_hits = 0, untranslate_hits = 0

 

BELOW IS THE VERSION OF THE ROUTER INFORMATION

PAPSSVPN# show version

Cisco Adaptive Security Appliance Software Version 8.2(5)
Device Manager Version 6.4(5)

Compiled on Fri 20-May-11 16:00 by builders
System image file is "disk0:/asa825-k8.bin"
Config file at boot was "startup-config"

 up 31 mins 28 secs

Hardware: ASA5540, 2048 MB RAM, CPU Pentium 4 Celeron 2600 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash Firmware Hub @ 0xffe00000, 1024KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.05

 

Thanks

 

 

0 Helpful

MHM Cisco World
VIP
VIP
In response to Fouard

‎09-05-2022 04:28 AM

this XLATE not NAT safe in running config, 
do show running 
and check the NAT config 
the XLATE sure delete after reload. 

0 Helpful

Fouard
Level 1
Level 1
In response to MHM Cisco World

‎09-05-2022 07:38 AM

Please help with clarity sir. Am lost.

Thanks

0 Helpful
Customers Also Viewed These Support Documents