Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT problem when upgrading from 6.1 to 6.3.3

hi,

I've upgraded from a 6.1 (UL) to 6.3.3 (UL) and i'am having problem with dynamic NAT and also PAT : nothing is working (pix sends syslog message like "unable to create translation for xxxxxxx).

The same configuration is working well on 6.1 without problems.

Does anybody having the same problem ?

here is a copy of the nat commands :

global (outside) 1 62.23.181.123

global (outside) 2 62.23.181.122

nat (inside) 1 172.17.66.0 255.255.255.0 0 0

nat (inside) 1 172.20.0.0 255.255.255.0 0 0

nat (dmz1) 2 CALYPSO 255.255.255.255 0 0

thanks in advance

4 REPLIES
Cisco Employee

Re: NAT problem when upgrading from 6.1 to 6.3.3

hi,

what is the translation address in the syslog message? do you have the syslog server setup?

if syslogging to the server is TCP based then you could have this issue.

Thanks

Nadeem

New Member

Re: NAT problem when upgrading from 6.1 to 6.3.3

Hi Nadeem,

We use standard UDP syslog (UDP 514)

Here is a sample of message received on it :

Feb 25 19:04:45 pix1 Feb 25 2004 19:03:58: %PIX-3-305006: portmap translation creation failed for tcp src inside:HYPERION/1776 dst outside:69.50.184.199/6667

Feb 25 19:12:46 pix1 Feb 25 2004 19:11:58: %PIX-3-305006: portmap translation creation failed for tcp src inside:HYPERION/1802 dst outside:69.50.184.199/6667

Feb 25 19:12:52 pix1 Feb 25 2004 19:12:05: %PIX-3-305006: portmap translation creation failed for tcp src inside:HYPERION/1802 dst outside:69.50.184.199/666

thanks

Cisco Employee

Re: NAT problem when upgrading from 6.1 to 6.3.3

Hi,

What does the "show xlat count" and "show conn count" says?

Thanks

Nadeem

New Member

Re: NAT problem when upgrading from 6.1 to 6.3.3

Hi,

sh xlate count shows nothing.

I've tried to copy once more the FOS 6.3.3 and has nothing change

So i've decided to clear the flashfs (even if it's written to use only when downgrade).

And after that, all seems to work fine.

Is it possible to have a problem when upgrading the FOS because of some parts of info kept in flash which interfere with some functions of the PIX ?

thanks

96
Views
0
Helpful
4
Replies
CreatePlease login to create content