Nat error: NAT: failed to allocate address

e-alvarez · ‎08-01-2002

Hi,

I have a problem with one router that is not doing NAT. The error it is sending is this:

NAT: failed to allocate address for 192.168.2.1, list/map 2

I appreciate any help you can provide. Here is the router info:

Router config:

--------------

ip subnet-zero

!

interface FastEthernet0

ip address 192.168.2.1 255.255.255.0

ip nat inside

speed auto

!

interface Serial0

ip address 148.246.xx.zz 255.255.255.252

ip nat outside

no fair-queue

!

ip nat translation timeout 300

ip nat pool PasfinMor 200.39.32.113 200.39.32.117 netmask 255.255.225.248

ip nat inside source list 2 pool PasfinMor overload

ip classless

access-list 2 permit 192.168.2.0 0.0.0.255

access-list 2 deny any

Routing Table:

----------------

Internet_Pasfin_Morelia#sh ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

* - candidate default, U - per-user static route, o - ODR

P - periodic downloaded static route

Gateway of last resort is 148.246.82.53 to network 0.0.0.0

200.39.32.0/29 is subnetted, 1 subnets

C 200.39.32.112 is directly connected, FastEthernet0

10.0.0.0/30 is subnetted, 2 subnets

C 10.10.1.0 is directly connected, Tunnel2

C 10.10.3.0 is directly connected, Tunnel1

S 192.168.1.0/24 is directly connected, Tunnel2

148.246.0.0/16 is variably subnetted, 2 subnets, 2 masks

C 148.246.82.52/30 is directly connected, Serial0

C 148.246.87.221/32 is directly connected, Loopback0

C 192.168.2.0/24 is directly connected, FastEthernet0

S 192.168.3.0/24 is directly connected, Tunnel1

S* 0.0.0.0/0 [1/0] via 148.246.82.53

Internet_Pasfin_Morelia#ping

Protocol [ip]:

Target IP address: www.cisco.com

Repeat count [5]:

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]: y

Source address or interface: 192.168.2.1

Type of service [0]:

Set DF bit in IP header? [no]:

Validate reply data? [no]:

Data pattern [0xABCD]:

Loose, Strict, Record, Timestamp, Verbose[none]:

Sweep range of sizes [n]:

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 198.133.219.25, timeout is 2 seconds:

02:05:54: NAT: address not stolen for 192.168.2.1, proto 1 port 2582

02:05:54: NAT: failed to allocate address for 192.168.2.1, list/map 2

02:05:54: NAT: translation failed (E), dropping packet s=192.168.2.1 d=198.133.2

19.25.

02:05:56: NAT: address not stolen for 192.168.2.1, proto 1 port 2583

02:05:56: NAT: failed to allocate address for 192.168.2.1, list/map 2

02:05:56: NAT: translation failed (E), dropping packet s=192.168.2.1 d=198.133.219.25.

e-alvarez · ‎08-01-2002

Sorry, where it says:

ip nat pool PasfinMor 200.39.32.113 200.39.32.117 netmask 255.255.225.248

it shuold say:

ip nat pool PasfinMor 200.39.32.113 200.39.32.117 netmask 255.255.255.248

ptrigueira · ‎08-05-2002

hello,

1st. Does the router have any inbound acl blocking ?

2nd. check if the ip pool was full before the ping test

3rd. try putting Access-list 177 permit icmp any any

and check the reusult.

hope ths helps,,,

PT

kaijiro · ‎08-05-2002

Are you using secondary IP address? Because you showed on the configuration

interface FastEthernet0

ip address 192.168.2.1 255.255.255.0

ip nat inside

speed auto

But on ip table route show:

Internet_Pasfin_Morelia#sh ip route

200.39.32.0/29 is subnetted, 1 subnets

C 200.39.32.112 is directly connected, FastEthernet0

In this case how have you configured "ip nat inside" and "ip nat outside"?

e-alvarez · ‎10-17-2002

After checking everything again on the router, including the acls, we upgraded the IOS to c1700-sy-mz.122-7c.bin (used to be 12.1) and it began to work without any problem. No changes to the router config.

Thanks to everyone who answered.