Static NAT connection dropped.

awp5379
Level 1

Hi,

We are a small company and have had years of running on Cisco 2600/2620/2620XM routers without a problem for a very long time. We have a block of public addresses available to us, so we used a static NAT table to separate mail, FTP, CRM, etc., so that they all had their own IP address that was unique for each major server.

The 2600 routers ran on IOS 12.3 and 12.4 and the NAT table used this config:

ip nat pool OurNATPool x.x.x.99 x.x.x.99 netmask 255.255.255.224
ip nat inside source list 1 pool OurNATPool overload
ip nat inside source static 192.168.1.125 x.x.x.101
ip nat inside source static 192.168.1.71  x.x.x.102
ip nat inside source static 192.168.1.69  x.x.x.103
ip nat inside source static 192.168.1.46  x.x.x.104
ip nat inside source static 192.168.1.4   x.x.x.105
ip nat inside source static 192.168.1.34  x.x.x.106
ip nat inside source static 192.168.1.115 x.x.x.107
ip nat inside source static 192.168.1.83  x.x.x.108
ip nat inside source static 192.168.1.10  x.x.x.109
ip nat inside source static 192.168.1.84  x.x.x.111
ip nat inside source static 192.168.1.136 x.x.x.112
ip nat inside source static 192.168.1.5   x.x.x.125

Over time, our company's internal traffic started to overwhelm the capacity of the FastEthernet adapter and the processing power of the 2600 series routers.

We switched to a Cisco 881W router running IOS 15.1 and set it up to use the same Static NAT configurations.

Everything worked, EXCEPT that the FTP connection mapped for 192.168.1.4 -> x.x.x.105 worked for 10 minutes and then actively refused any connections. Resetting the router brings it back for another 10-15 minutes, and then it just goes away. If we manually go in and remove and re-add the "ip nat inside source static 192.168.1.4   x.x.x.105" line, it comes right back.

I had thought it might be something wrong with the FTP server.  I pointed the NAT to a different machine on a different address and the same behaviour happened again.

I put the old 2600 router back online and things worked fine. (But internal ability to access the internet was affected from the router dropping packets.)

I went so far as to acquire a Cisco 2821 router running IOS 12.4, yet it ALSO "loses" the NAT translation to the FTP server after 10-15 minutes!

Right now, we are back to using our 881W router.  Anyone wishing to access the FTP server has to inform us in advance so we can remove and re-add the line and get them 10-15 minutes of access.

rfalconer.sffcu
Level 3

Have you run any debugs on ftp? Anything in the logs?
