Cisco Bug: CSCus55505 - ASRNAT: Static PAT commands are lost from the config after reboot
Dec 14, 2018
- Cisco ASR 1000 Series Aggregation Services Routers
Known Affected Releases
Symptom: It is possible to configure static PAT to router interface (or interface IP) and dynamic PAT to router interface (or interface IP) at the same time. This is a valid and supported configuration used by many customers which have single public IP address. Example: ip nat inside source static tcp 10.1.75.2 23 interface GigabitEthernet0/0/1.99 5000 ip nat inside source list 100 interface GigabitEthernet0/0/1.99 overload In this case, static PAT command will be lost after router reload, because we put commands into the running-config and startup-config in reverse order. Dynamic PAT command is processed first during bootup, NAT allocates dynamic TCP portblock 4096 - 5119 for dynamic PAT and static PAT command is rejected, because TCP/5000 is within the 4096 - 5119 range. So, the requirement is: we need to place static NAT/PAT commands into configuration before dynamic NAT/PAT commands and process them first after reboot. Conditions: IOS-XE versions have this defect.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases