11-22-2003 12:59 AM - edited 03-02-2019 11:54 AM
So... I've been running many versions of IOS on many routers and never had any problems with CBAC Firewall, NAT, public IP on the outside, private range on the inside - fairly straightforward. On this particular router, I've been running software with the IP/FW/IDS PLUS IPSEC 3DES feature set from probably 12.2.8T through 12.3.3a with no problems, the configuration hasn't really changed much.
However, with my working configuration on 12.3.3a, I tried out the new Nov-17 build of 12.3.5 and mysteriously none of my outside NAT translations go through to internal machines. I verified that there is no access list denying the packets on the outside interface - specific ACL permits with log showed this, and the NAT translation was being created according to debug as well... I spent 30 minutes trying to figure out what was going on.. I reloaded the old 12.3.3a IOS with exactly the same configuration and it works fine now.
Is this a bug? I did find this very strange.
Ryan
11-22-2003 01:54 AM
Hello,
I checked the bug toolkit, not really much there, except for a possible problem with multiple inside IPSec clients and CEF enabled. Recommended workaround: disable CEF. Not sure if this applies to you.
Regards,
Georg
01-02-2004 05:41 AM
I too experiance these strange behaviors. i used 12.3.5. on a 3620 but allso downgraded again becuse it misteriqously stoped working without any notification within 5mins of booting.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide