Two way NAT and GRE

Unanswered Question
Mar 14th, 2007
User Badges:

I'm replacing a Cisco 4500 running IOS 12.1(22c) by a Cisco 2801 with IOS 12.4(1c) with (as much as possible) same configuration. All works fine except a GRE-tunnel that is traversing the router.

Debug of 4500 that works correct:

Mar 14 21:04:47.514: NAT: o: gre (, 0) -> (, 0) [11338]

Mar 14 21:04:47.514: NAT: s=>, d= [11338]

Mar 14 21:04:47.514: NAT: s=, d=> [11338]

Debug of failing session on 2801 shows:

*Mar 14 19:50:05.778: NAT*: o: gre (, 0) -> (, 0) [7805]

*Mar 14 19:50:05.778: NAT*: o: gre (, 0) -> (, 0) [7805]

*Mar 14 19:50:05.778: NAT*: s=>, d= [7805]

*Mar 14 19:50:05.778: NAT*: s=, d=> [7805]

Any useful suggestion is appreciated.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jon Marshall Thu, 03/15/2007 - 01:54
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN


It looks like one of your nat translations is not working / missing ?

It's difficult to be precise without knowing your topolgy but you should have something like this on your 2800

ip nat inside source static

ip nat outside source static

The destination address of is not getting translated.

Could you recheck your NAT statements.

If there is still nothing obvious could you post the relevant lines of config and the output of a "sh ip nat translations" after trying to send traffic.



kpeereboom Mon, 03/19/2007 - 08:48
User Badges:

Hi Jon,

thanks for your reply. I will attach the config of the router, which is almost identical (a had to make some changes because of different hardware) to the config of the 4500, where this worked.

Unfortunately I am not able to retrieve the result of the sh ip nat translations commands that I did during the test. I had to disconnect the router after the unsuccessful migration, but I did attach the result of a "sh ip nat tran" in a disconnectes state.

I hope this can be of use.



This Discussion