Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cisco 800 Series : NAT Issue

Status
Not open for further replies.
oliver1349

oliver1349

Programmer
Nov 26, 2001
8
GB
Hello,

I'm encountering an issue with my NAT configuration.
at least once a week, my web sites become unvailable, port 80 is not accessible anymore from the internet.

That's the only unavailable port, pop-smtp-TS-ftp are still available.

The workaround I found so far is :

Remove NAT for port 80
no ip nat inside source static tcp 10.10.10.2 80 interface ATM0.1 80

Add NAT for port 80
ip nat inside source static tcp 10.10.10.2 80 interface ATM0.1 80

Any advise/idea to troubleshoot that issue?

Thanks,

Olivier
 
Sort by date Sort by votes
When you find that it's not working:

1) check the NAT translation by typing "show ip nat translation" and search for the port 80 translation. Check if it's doing the translation accordingly.

2) check if you can access the web server from the internal network 10.10.10.x
 
Upvote 0 Downvote
Ok, will try those actions next time it crashes.

Olivier
 
Upvote 0 Downvote
I've no idea on how to enable logging :(
We got that box with no information...
We just know it is supposed to work but have no experience is high level networking stuff.

Olivier
 
Upvote 0 Downvote
It maybe your NAT's are not timing out try adding

ip nat translation timeout 900
ip nat translation tcp-timeout 900

I had the same problem last week, do you have a problem getting onto the router when this happens?

Mike

"A foolproof method for sculpting an elephant: first, get a huge block of marble, then you chip away everything that doesn't look like an elephant."

 
Upvote 0 Downvote
I have no problem getting onto the router.
Other ports are working well so I have an access to it.

Olivier
 
Upvote 0 Downvote
It crashed again today.
As advised, timeouts were set.

- Web sites are available from the localhost.
- shop ip nat translation shows there is no NAT on port 80
- The line in the running config is "ip nat inside source static tcp 10.10.10.2 80 interface atm0.1 80". If I try to remove that line, I get a message "static entry is in use, cannot remove" while there is no natting on port 80...

Any advise?

Thanks,

Olivier
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

pbxcomm
  • Locked
  • Question
CISCO VG450
Replies
1
Views
336
bdk76
bdk76
Skip Rango
  • Locked
  • Question
how to backup cisco sg500-52p switch
Replies
1
Views
323
madwok
madwok
Jared R
  • Locked
  • Question
Cisco UC320W Paging Help
Replies
0
Views
302
Jared R
Jared R
Hayden09
  • Locked
  • Question
Cisco Sg-300 Flapping?
Replies
0
Views
316
Hayden09
Hayden09
JMarine0811
  • Locked
  • Question
CISCO VG450 Factory reset
Replies
1
Views
400
whykap
whykap

Part and Inventory Search

Sponsor

Back
Top