Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

FTP AND SNAT ON IOS 12.4

Hello Guys I need a Litle help, I have 3 days testing this and I Isolate a Problem which I dont understand.

I ahve setup 2 Routers C2600 with IOS 12.4(8) also try 12.4(17) both with same problem!.

Using SNAT FTP go slow as hell!

Config is very simple:

ROUTER A

interface FastEthernet0/0

ip address x.x.x.3 255.255.255.0

ip nat inside

duplex auto

speed auto

glbp 10 ip x.x.x.1

!

interface FastEthernet0/1

bandwidth 4000

ip address xx.xx.xx.xx 255.255.255.224

ip nat outside

duplex auto

speed auto

!

router eigrp 100

redistribute static

passive-interface FastEthernet0/1

network 192.168.9.0

auto-summary

!

ip classless

ip route 0.0.0.0 0.0.0.0 xx.xx.xx.129 !default gateway on isp

!

ip http server

ip http authentication local

ip nat stateful id 1

primary xx.xx.xx.3

peer xx.xx.xx.2

mapping id 10

!

ip nat pool ISP xx.xx.xx.130 xx.xx.xx.130 netmask 255.255.255.224

ip nat inside source list 110 pool ISP overload mapping-ID 10

ip nat inside source static tcp xx.xx.x.240 21 xx.xx.xx.140 21 mapping-id 10

!

access-list 110 deny ip 192.168.9.0 0.0.0.255 10.132.0.0 0.0.255.255

access-list 110 deny ip 192.168.9.0 0.0.0.255 10.136.0.0 0.0.255.255

access-list 110 deny ip 192.168.9.0 0.0.0.255 192.168.50.0 0.0.0.255

access-list 110 deny ip 192.168.9.0 0.0.0.255 192.168.100.0 0.0.0.255

access-list 110 permit ip 192.168.9.0 0.0.0.255 any

!

!

line con 0

line aux 0

line vty 0 4

privilege level 15

login local

transport input telnet ssh

!

!

end

ROUTER B

interface FastEthernet0/0

ip address x.x.x.2 255.255.255.0

ip nat inside

duplex auto

speed auto

glbp 10 ip x.x.x.1

!

interface FastEthernet0/1

bandwidth 4000

ip address xx.xx.xx.xx 255.255.255.224

ip nat outside

duplex auto

speed auto

!

router eigrp 100

redistribute static

passive-interface FastEthernet0/1

network 192.168.9.0

auto-summary

!

ip classless

ip route 0.0.0.0 0.0.0.0 xx.xx.xx.129 !default gateway on isp

!

ip http server

ip http authentication local

ip nat stateful id 1

BACKUP xx.xx.xx.2

peer xx.xx.xx.3

mapping id 10

!

ip nat pool ISP xx.xx.xx.130 xx.xx.xx.130 netmask 255.255.255.224

ip nat inside source list 110 pool ISP overload mapping-ID 10

ip nat inside source static tcp xx.xx.x.240 21 xx.xx.xx.140 21 mapping-id 10

!

access-list 110 deny ip 192.168.9.0 0.0.0.255 10.132.0.0 0.0.255.255

access-list 110 deny ip 192.168.9.0 0.0.0.255 10.136.0.0 0.0.255.255

access-list 110 deny ip 192.168.9.0 0.0.0.255 192.168.50.0 0.0.0.255

access-list 110 deny ip 192.168.9.0 0.0.0.255 192.168.100.0 0.0.0.255

access-list 110 permit ip 192.168.9.0 0.0.0.255 any

!

!

line con 0

line aux 0

line vty 0 4

privilege level 15

login local

transport input telnet ssh

!

!

end

If I disable Snat the FTP go very fast

when i enable it it go slow.. I have debug cached missed none, drops, none

looks like everythign have to do with snat on or off.. I needed ON to share nat tables and use aymetric traffict in ALG

PLEASY ANY HELP!? WHY SNAT MAKE MY FTP SLOW? the rest of trafic is fine with snat ON, email, remote desktop, pop3, web, 443, etc wherever I config for internal server work fine excep for FTP.

Also looks like TFTP got affected too.

I downgrade the routers to 12.3-5a and worked.. but i need some new commands from 12.4.

Many thanks

Raul

2 REPLIES
New Member

Re: FTP AND SNAT ON IOS 12.4

Any one please?

New Member

Re: FTP AND SNAT ON IOS 12.4

I have the same problem with SNAT and FTP - 12.4.20 T IOS on 2801

153
Views
0
Helpful
2
Replies