07-27-2010 01:43 AM - edited 03-04-2019 09:11 AM
I have recently installed a router with CME functionality to be a gateway for a small network. The router has one public IP address for its outside interface, which handles the PAT for the internal hosts. There are 3 static NAT translations on another public address from the same pool as the IP address on the outside interface. The first and the second static NAT translations are for port 25 and 88 and the third is on port 80. The router works properly for a certain amount of time and suddenly stops all traffic for the three static NAT entries (despite PAT on the outside interface working fine). Traffic does not come back until I remove one of the static NAT entries and put it back again. I checked the ARP entries and I found out that when they expire traffic stops. When I remove and put back the static entries, the ARP table refills and traffic comes back again. Can you tell me how I can handle this?
08-19-2010 06:22 PM
The symptoms kind of match the bug descriptions although the image they are running is not in the affected list (in fact, that code should have the fix in it). However, I guess it could be a good idea to try the workaround to see if that helps. If that does, you can contact TAC and they will be able to dig deeper to see if the 12.4(24)T3 code indeed has the fix or not.
04-11-2016 06:27 AM
I have found the solution! DO NOT USE IP NAT POOL!!!! (if you are using Static and Dynamic NAT Simultaneously)
"the same IP address cannot be used for the NAT static configuration or in the pool for NAT dynamic configuration."
If you are Configuring Static and Dynamic NAT Simultaneously, the setup should be like below
ip nat inside source list 1 interface g0/0 overload
ip nat inside source static tcp 10.10.10.1 25 172.16.130.2 25
*I changed my IP nat pool mynatpool 188.8.131.52 184.108.40.206, so the range would be only 1 public IP, and my static NAT still stopped working for the FTP server... but after I removed
no ip nat pool mynatpool 220.127.116.11 18.104.22.168 prefix-length 24
no ip nat inside source list 1 pool mynatpool overload
ip nat inside source list 1 interface G0/0 overload
I have had 3 days without any Static NAT issues!
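The rule quoted in the post above (a static NAT global address must not also sit inside a dynamic NAT pool) can be checked mechanically against a saved configuration. The following is an added example, not code from any poster or from Cisco; the sample configuration and its documentation-range addresses are constructed, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample config (documentation addresses, not taken from the thread).
SAMPLE_CONFIG = """\
ip nat pool mynatpool 203.0.113.10 203.0.113.12 prefix-length 24
ip nat inside source list 1 pool mynatpool overload
ip nat inside source static tcp 10.10.10.1 25 203.0.113.11 25
ip nat inside source static tcp 10.10.10.2 80 203.0.113.20 80
ip nat inside source static 10.10.10.3 203.0.113.12
"""

def dynamic_pools(config):
    """Return {name: (first, last)} for pools referenced by a dynamic 'list ... pool' rule."""
    pools, used = {}, set()
    for line in config.splitlines():
        tok = line.split()
        if tok[:3] == ["ip", "nat", "pool"] and len(tok) >= 6:
            pools[tok[3]] = (ipaddress.ip_address(tok[4]), ipaddress.ip_address(tok[5]))
        elif tok[:5] == ["ip", "nat", "inside", "source", "list"] and tok[6:7] == ["pool"] and len(tok) > 7:
            used.add(tok[7])
    return {name: rng for name, rng in pools.items() if name in used}

def static_globals(config):
    """Yield (line, global_ip) for static inside-source rules with a literal global address."""
    for line in config.splitlines():
        tok = line.split()
        if tok[:5] != ["ip", "nat", "inside", "source", "static"]:
            continue
        rest = tok[5:]
        # Port form: tcp|udp LOCAL LPORT GLOBAL GPORT; plain form: LOCAL GLOBAL
        idx = 3 if rest and rest[0] in ("tcp", "udp") else 1
        try:
            yield line.strip(), ipaddress.ip_address(rest[idx])
        except (IndexError, ValueError):
            continue  # e.g. the "interface g0/0" form has no literal global address

def find_overlaps(config):
    """Return (static_line, pool_name) pairs where the static global IP lies in a dynamic pool."""
    pools = dynamic_pools(config)
    return [(line, name)
            for line, addr in static_globals(config)
            for name, (first, last) in pools.items()
            if first <= addr <= last]

if __name__ == "__main__":
    for line, pool in find_overlaps(SAMPLE_CONFIG):
        print(f"overlap with pool {pool}: {line}")
```

A configuration that overloads on the outside interface instead of a pool, as in the post above, produces no findings.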
09-28-2010 06:02 AM
Problem has been solved by adding a secondary IP address on the outside interface. The address being the problematic NAT address.
Sorry for the late reply. Thank you all.
10-26-2010 07:11 AM
Did you apply a secondary PUBLIC IP address to solve the problem, or any IP address?
10-26-2010 07:23 AM
I have applied the public IP address on which I do the NAT. This solved the problem.
10-26-2010 08:41 AM
Did you apply the public IP address of the IP that stopped working, or another public IP within the segment?
I have the same problem... but with 2 or 3 IP addresses...
10-26-2010 09:03 AM
I got this answer on ittoolbox.com:
I think you have dynamic NAT (or PAT) also on the same router, and the same private IP address is also covered by dynamic NAT. If this is the case, then add a deny statement in the access list of the dynamic NAT, which will avoid the same address being used by dynamic NAT.
Well, my pool access list on the NAT for everyone else does not include the SERVER that stops working after FTP...
I've set the secondary IP address and set the access-list of the pool to deny the server as a test... I'll let you know about the results!