Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

NAT stops NAT-ing

Has anyone ever seen this before? We have NAT set up on a 3640 router as follows:

ip nat inside source static 172.16.38.200 172.16.95.7

ip nat outside source static 172.16.95.7 172.16.38.200

When we send something from 172.16.38.200, the router is not translating it to 172.16.95.7. It had been doing this just fine for months, but suddenly just stopped. Translation is working in the opposite direction. Here's another weird thing: we have 12 other translations setup on this router, just like these (with different IP addresses, obviously). These are working fine. If we reboot the router, this translation may start working, but another will stop! When we put our sniffer on the outside of the router, we see the IP addresses coming thru as 172.16.38.200, not 172.16.95.7. Has anyone ever seen anything like this before? Any help is very much appreciated!!!

Thank you,

Steve

6 REPLIES
Bronze

Re: NAT stops NAT-ing

remove the second statement. One static map is all you need. It might be geting confused from that. clear ip nat translations after removing the outside map.

Re: NAT stops NAT-ing

Steve

You dont really need the outside source static command for every input source static entry that you key in. When packets go from inside to outside, those with source address of 172.16.38.200 will be translated to 172.16.95.7. When the packet returns back, the destination address field will have 172.16.95.7 and this is translated using the same entry, back to 172.16.38.200.

Hope that helps.

New Member

Re: NAT stops NAT-ing

Thank you for your response! I did not mention this, but I think we want to leave it in, as the outside also needs to be able initiate communications with the inside devices.

Re: NAT stops NAT-ing

From the outside, if communications are initiated using the 95.7 address, then you dont need the outside source entry. Otherwise you do.

New Member

Re: NAT stops NAT-ing

Okay, I will give that a try. Thank you for your help!

New Member

Re: NAT stops NAT-ing

The router is now NAT-ing everything again. it is really odd. It got down to one particular network that I could not get any NAT translations to happen for. After making some other, seemingly non-related changes, NAT began translating again for that network! We had a protocol analyzer on a device on the outside and could see the IP traffic for that network coming thru not translated. I had debug IP NAT going on the router and did not see translations for that network. After making the seemingly non-related changes, the router suddenly began doing the translations again for that network. Weird.

I removed all the outside source entries and everything is still working. Thank you for the suggestion! There is no sense having a bunch of redundant stuff in there if it is not needed.

Steve

107
Views
0
Helpful
6
Replies