Guest

Preview Tool

Cisco Bug: CSCun59240 - Router with NAT configuration crashes

Last Modified

Mar 08, 2018

Products (1)

  • Cisco IOS

Known Affected Releases

n/a

Description (partial)

Symptom:
The router which is configured to perform NAT crashes with reporting this error before crash:

The crash is happening due to unsupported configs.

Conditions:
"ip nat allow-static-host" should be used only incase of wlan related traffic.
And to make use of wlan functionality with ip nat allow-static-host  ip nat pool ~ accounting must be configured, on the top we have following restriction of using nat address[though it is not related]. We need to understand what is the purpose of using allow-static in the current setup and Need to check whether crash is reproducible without allow-host config.   

NAT rules should have permit any any, denies for the NAT interface-address.
Static-IP clients address should not match the address of the local NAT routers DHCP pool (for dynamic clients) or another static-IP client.
SSG and the NAT router not co-residing in same router.
PAT/Overload configurations will not be supported until SSG is able to handle (differentiate) between 2 or more users with the same source IP Address The NAT solution will work regardless of whether the configuration for NAT is 1-1 or PAT, but  SSG will need to be able to identify a user by more than just its Source IP Address - MAC Address, Source Port, or both are options
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.