2811 router loosing NAT statement

Unanswered Question

My router is a 2811 running Version 12.4(9)T6

image is flash:c2800nm-advipservicesk9-mz.124-9.T6.bin

This router is the internet router and there is a PIX515E behind this, email server is a Exchange server with MS-NLB load balancing two servers (10.y.yyy.16, and 10.y.yyy.17)

Its(NLB) virtual address is 10.y.yyy.18

NATing statement for SMTP is as below

ip nat inside source static tcp 10.y.yyy.18 25 2xx.79.xxx.xxx 25 route-map nonat extendable

After migrating to a new datacenter, with new public IP set, I had to add

static ARP antry and static MAC address table entry to get this working as suggested by many articals.

This will work for some time, but strangely router loose the above line from running config, and I can see the line in startup config.

But sh ip nat translation show many translations to 10.y.yyy.18 and email working OK, but last time we had spend much time to solve the issue after some days it stop using .18(virtual address). This happen again yesterday and still working but I am waiting for more trouble

tcp 2xx.79.xxx.xxx:25 10.y.yyy.18:25

tcp 2xx.79.xxx.xxx:25 10.y.yyy.18:25

tcp 2xx.79.xxx.xxx:25 10.y.yyy.18:25

tcp 2xx.79.xxx.xxx:25 10.y.yyy.18:25

tcp 2xx.79.xxx.xxx:25 10.y.yyy.18:25

tcp 2xx.79.xxx.xxx:25 10.y.yyy.18:25

tcp 2xx.79.xxx.xxx:25 10.y.yyy.18:25

Any advice pls

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Hitesh Vinzoda Thu, 10/08/2009 - 10:36


Are there multiple translations with the same address ??


ip nat inside source static tcp 20 20 extendable

ip nat inside source static tcp 21 21 extendable

What i mean is When adding a static NAT translation, a permanent ARP entry is

added. When configuring multiple translations for the same address and

removing one, the ARP entry is removed even though there may be a NAT

translation that still requires it.

sounds like a symptom mentioned for bug "CSCsl81170".


Hitesh Vinzoda

Hi, That info is very helpful,

I do have multiple NAT statements for same address, but disappearance of one statement is automatic, no one remove it from config, it disappear by it self. I can still see the line in startup config.

This may be a bug as mentioned in the caveats CSCsl81170.

What are the implications if I remove PAT(multiple translations to one address) and add a IP level NAT statement for the address.

bpciadmin Mon, 10/12/2009 - 08:00

I had a similar situation today. The IP NAT INSIDE SOURCE statement that makes my mailserver available for inbound/outbound access simply disappeared.

In my case, I only have one IP NAT statement for this IP address but have several other IP NAT statements.

I'm running 12.4(15)XZ on a 2801.

I checked the date of the running-config and it dated back to Sep 15, the same date as my startup-config. But when comparing line-by-line, I found the IP NAT statement was missing...

Bayardo Alvarez

tohim Tue, 11/03/2009 - 01:05

Router 1841 running IOS 12.4(3a) have same trouble.

And I almost shure it is related to MS-NLB load balancing.

Config works more than one year without problems. Last month we setup MS-NLB for our Exchange servers.

Now "ip nat inside" translation misteryously disappears from config. We add it to running config, saving, but after some time it's again goes out.

Seems like bug in IOS. Or unknown feature.

Hi, I am waiting to upgrade this 2811 to 2851, for that reason I didn't pursue this any further, but clear ip nat tra * would reapear the NAt translation line for a while, depending on the NAT workload it disaprear accordingly.

My guess, it is bug, and may the workaround is reduce the NAT tranalation time out. I don't know how to do that.

Would any one advice on that pls.


This Discussion