NAT pool does not work. The "debug ip nat" command displays a "NAT: translation failed (A), dropping packet s= d=" error message


Wed, 07/22/2009 - 20:00
Jun 22nd, 2009

Core Issue

Network Address Translation (NAT) fails when you configure a NAT pool such that the addresses within the pool are part of subnet zero.


The (A) in the debug ip nat command output means that translation failed after routing occurred.

Issue the ip subnet-zero command in the NAT router.


These are other NAT failure codes:

  • A = Inside to outside fails after routing
  • B = Outside to inside fails before routing
  • C = Outside to inside fails after routing
  • D = Helpered fails
  • L = Internally generated packet fails
  • E = Inside to outside fails after routing

For more information, refer to NAT Pools and Subnet Zero.


This Document

Related Content