Guest

Preview Tool

Cisco Bug: CSCuj84621 - PAT address listed in the output of command 'show nat pool cluster'

Last Modified

Apr 19, 2020

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

9.0(2)

Description (partial)

Symptom:
Symptom:
On ASA cluster running software version 9.0.2, with dynamic pat rule(s) and dynamic nat rule(s) with pool of IPs, the command 'show nat pool cluster' lists the pat IP address in the output ( which should not be listed ) . This issue is cosmetic and does not have any functional impact.

Example output :

show nat pool cluster
IP Inap-1-Out 192.168.9.124, owner asa1, backup asa2      (PAT address )
IP Inap-1-Out 192.168.9.190, owner asa1, backup asa2      (PAT address)
IP Inap-1-Out:inet-pat 192.168.9.249, owner asa1, backup asa2
IP Inap-1-Out:inet-pat 192.168.9.254, owner asa1, backup asa2
IP Inap-1-Out:inet-pat 192.168.9.253, owner asa1, backup asa2
IP Inap-1-Out:inet-pat 192.168.9.252, owner asa2, backup asa1
IP Inap-1-Out:inet-pat 192.168.9.251, owner asa2, backup asa1
IP Inap-1-Out:inet-pat 192.168.9.250, owner asa2, backup asa1

Conditions:
ASA units in cluster.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.