cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
502
Views
1
Helpful
2
Replies

%Port 500 is being used by system

joshdouch
Level 1
Level 1

Hey!

I'm trying to add a NAT rule to my ISR 4321 (Cisco IOS XE Software, Version 17.03.05) for an IPSec VPN running on an ASA 5515-X, but I am receiving the following message. I'm not running IPSec on the ISR as far as I'm aware. Any ideas? 

isr4321(config)#ip nat inside source static udp 172.16.12.2 500 interface Virtual-PPP9797 500
%Port 500 is being used by system
isr4321(config)#ip nat inside source static udp 172.16.12.2 4500 interface Virtual-PPP9797 4500
%Port 4500 is being used by system

isr4321#sh ip nat portblock dynamic global
tcp:
5062 -6085 rfcnt 3 545 -617 rfcnt 3
udp:
5062 -6085 rfcnt 3 512 -584 rfcnt 3
isr4321#show ip nat portblock pat global
tcp:
443 rfcnt 6
udp:
443 rfcnt 6

Thanks!

 

2 Replies 2

It can two

Bug 

Or 

You config first PAT the  static  NAT in router' 

For second point remove all NAT in router' then add first static NAT the  PAT and check

MHM

balaji.bandi
Hall of Fame
Hall of Fame

can you post show run from router or check below commands to see the open ports :

show ip sockets

show control-plane host open-ports or show ip ports all

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Review Cisco Networking for a $25 gift card