Question:
a have a router CISCO 1841 WS-C3560V2-24TS-S and I configured
a NAT inside from the router to the firewall like this :
ip nat inside source static
firewall_adresse public_adresse and its
work fine and when a added it I do this command "wr" to save the
configuration and I restarted the router many times and it still work fine
but in the last five months this NAT does
not exsit twice and I must add it a gain
can you help please or explain why happened
this
Answer:
This look like a software issue. Check if
your IOS is hitting the following software defect -
CSCsi30964
Static NAT statement disappears from
running-configuration
tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsi30964
Also please post the output of show run, sh
ver and which NAT statement observed issue.
Please rate the helpful posts.
Here are the bug details -
+++++++++++++++++++++++++++
Symptoms:
On a Cisco router performing NAT, static
NAT statements may disappear from the running-configuration during operation.
Any new flows requiring translation via the missing statement may fail.
Conditions:
- This problem was first experienced in IOS
12.4(9)T.
- It has only been reported for extendable,
inside source static NAT statements
for TCP ports 80 (HTTP) and 25 (SMTP), with
and without a route-map:
Examples:
ip nat inside source static tcp x.x.x.x 25
y.y.y.y 25 extendable
ip nat inside source static tcp x.x.x.x 25
y.y.y.y 25 extendable route-map nonat
ip nat inside source static tcp x.x.x.x 80
y.y.y.y 80 route-map nonat extendable
- After the statement disappears from the
running-configuration, it is still
visible in the startup-configuration.
- Existing translations created before the
disappearance are cached in the NAT
translation table and continue to work
correctly.
Workaround:
Reload the router.
+++++++++++++++++++++++++++
Could you confirm following : Was the NAT
translation there in startup-config, once it was not seen in running-config ?
You are using 124-11.XJ4 IOS. I don't think
the defect is resolved in this IOS.
In mainline train the defect is fixed from
12.4(18b) onwards.
Please check the Release notes and features
in use available in the mainline release if you are planning for upgrade.
<>
Cisco 1841 (revision 7.0) with
115712K/15360K bytes of memory.
<>
You have 128 Mb of DRAM on this router.
Please rate the helpful posts.
I'm not sure if I understand your question
correctly..
Are you telling when the VPN traffic is
going via this Router, then when you type show run it doesn't show you the
output.
and when the VPN traffic is blocked, you are
able to see the output.
If that is the case, you may need to check
CPU & Memory Utilization, Interface counters on the Router when the issue
is happeneing to determine the exact cause.
sh proc cpu sorted | ex 0.00
sh mem stat WS-C3560V2-48TS-S
sh interface
没有评论:
发表评论