Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
560
Views
0
Helpful
3
Replies

NAT stops translating after a while

mpferderer
Level 1
Level 1

‎03-15-2002 08:39 AM - edited ‎03-01-2019 08:53 PM

I have a 2621 router with a T1 WIC, ISDN WIC(admin shutdown), 8AM module running single DES 12.2(3)IOS. Clients on the private network can not route to internet address and debugging NAT shows no activity when attempting this. My private to prvate encrypted still works(although there it doesn't seem like all Ip traffice can make it just ICMP and only to certain hosts but this is another issue). Nat Statistics shows 2 out of the 2 addresses I assigned for dynamic translation being used (100% allocated- with misses of course and they keep growing), however show ip nat translation shows no translations in the table. I can attempt to clear ip nat translation but there was nothing to clear therefore it didn't resolve the problem. I reload the router and all is fine again for an undetermined amount of time. Seems strange. Does having muliple inside interfaces bound to NAT pose a problem(FE0/1, and many ASYNCs(modem module)? I have posted my debuggin info below. Please help me.

Debug ip nat detailed:

Mar 15 09:06:38: NAT: address not stolen for 192.168.110.239, proto 17 port 1053

Mar 15 09:06:38: NAT: failed to allocate address for 192.168.110.239, list/map 1

22

Mar 15 09:06:38: NAT: translation failed (A), dropping packet s=192.168.110.239

d=64.197.255.69

Mar 15 09:06:39: NAT: address not stolen for 192.168.110.239, proto 17 port 1053

Mar 15 09:06:39: NAT: failed to allocate address for 192.168.110.239, list/map 1

22

Mar 15 09:06:39: NAT: translation failed (A), dropping packet s=192.168.110.239

d=64.197.255.69

Mar 15 09:06:41: NAT: address not stolen for 192.168.110.239, proto 17 port 1053

Mar 15 09:06:41: NAT: failed to allocate address for 192.168.110.239, list/map 1

22

Mar 15 09:06:41: NAT: translation failed (A), dropping packet s=192.168.110.239

d=64.197.255.69

Mar 15 09:06:44: NAT: address not stolen for 192.168.110.239, proto 17 port 1053

Mar 15 09:06:44: NAT: failed to allocate address for 192.168.110.239, list/map 1

22

Mar 15 09:06:44: NAT: translation failed (A), dropping packet s=192.168.110.239

d=64.197.255.60

Mar 15 09:06:44: NAT: address not stolen for 192.168.110.239, proto 17 port 1053

Mar 15 09:06:44: NAT: failed to allocate address for 192.168.110.239, list/map 1

22

Labels:
0 Helpful
3 Replies 3

jkim
Level 1
Level 1

‎03-15-2002 09:58 AM

I could think of couple of things that might cause this. Do you have overload and timeout set?

0 Helpful

mpferderer
Level 1
Level 1
In response to jkim

‎03-15-2002 10:53 AM

Yes i have overload, but was unaware of a timeout command. My NAT statement looks like this:

ip nat inside source list 122 pool natpool overload

It would make sense that the translations are being stored and not let go, but I don't understand why they don't show up with a 'show ip nat tran'.

How do i use a timeout statement?

0 Helpful
Customers Also Viewed These Support Documents