IP NAT Debug: Wanted != Got

Unanswered Question
Feb 15th, 2007

I have a static NAT configuration that works perfectly, save for one entry. Whenever I try to use the static nat entry for udp port 61234, the "wanted port" of 61234 is never equal to the "got" port. I assume this means the translation failed.

Can anyone help me understand what's going on, and how to correct it? I can't use any applications on this port, even after a reload of the router (or after executing a clear ip nat trans * or clear ip nat trans force).

Configuration

!

interface FastEthernet0/0

ip address 192.168.200.1 255.255.255.0

ip nat inside

no ip route-cache cef

no ip route-cache

no ip mroute-cache

load-interval 30

speed 100

full-duplex

hold-queue 600 in

!

interface Ethernet1/0

ip address dhcp client-id Ethernet1/0

ip nat outside

no ip route-cache cef

no ip route-cache

no ip mroute-cache

load-interval 30

half-duplex

hold-queue 600 in

!

ip nat inside source list 1 interface Ethernet1/0 overload

ip nat inside source static udp 192.168.200.11 61234 interface Ethernet1/0 61234

!

access-list 1 permit 192.168.200.0 0.0.0.255

Router#sh ip nat trans

Pro Inside global Inside local Outside local Outside global

udp 198.133.219.25:61234 192.168.200.11:61234 --- ---

When I debug ip nat detailed, I receive the following output:

.Feb 15 02:28:42.895: NAT: s=192.168.200.11->198.133.219.25, d=62.75.222.133 [28545]

.Feb 15 02:28:43.067: NAT: [0] Allocated Port for 192.168.200.11 -> 198.133.219.25: wanted 61234 got 1041

.Feb 15 02:28:43.067: NAT: o: udp (62.75.222.133, 38717) -> (198.133.219.25, 61234) [44622]

.Feb 15 02:28:43.071: NAT: s=62.75.222.133, d=198.133.219.25->192.168.200.11 [44622]

.Feb 15 02:28:43.071: NAT: i: udp (192.168.200.11, 61234) -> (62.75.222.133, 38717) [28547]

.Feb 15 02:28:43.071: NAT: UDP s=61234->1041, d=38717

.Feb 15 02:28:43.071: NAT: s=192.168.200.11->198.133.219.25, d=62.75.222.133 [28547]

.Feb 15 02:28:43.223: NAT: o: icmp (62.75.222.133, 38717) -> (198.133.219.25, 1041) [56801]

.Feb 15 02:28:43.227: NAT: s=62.75.222.133, d=198.133.219.25->192.168.200.11 [56801]

Router#sh ver

Cisco Internetwork Operating System Software

IOS (tm) C2600 Software (C2600-IK9O3S3-M), Version 12.3(20), RELEASE SOFTWARE (fc2)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2006 by cisco Systems, Inc.

Compiled Tue 08-Aug-06 20:50 by kesnyder

Image text-base: 0x80008098, data-base: 0x81A0E7A8

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion