Adam,
Might be a bug... you might want to try upgrading/downgrading.
FYI:
The 'icmperr' entry was introduced in 12.1(10.1).
Prior to this version, if a NAT box with overload configured receives
an ICMP error message, NAT tries to allocate an address (as opposed to
address+port) and to create a simple entry.
This means that if:
- the box is configured with interface overload, or
- all the addresses in the overloaded pool are used,
the router drops the ICMP error packet...
Now:
Instead of dropping the packet, the router just picks any address (from
the pool, or from the interface) and creates a simple entry with a special
value in the protocol field (proto=icmperr). This simple entry is used ONLY
to translate ICMP errors coming from that particular inside host.
The entry times out in 1 minute. The timeout value cannot be changed
from the CLI, from what I understand.
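Added example (not from the post, and not Cisco code): a toy Python model of the two behaviours described above, using constructed addresses (203.0.113.x, 10.0.0.x) and a deterministic clock. The legacy and icmperr handling follow only what the post states; the real IOS data structures are assumed, not known.

```python
from dataclasses import dataclass, field

ICMPERR_TIMEOUT = 60  # seconds; the post says this is fixed and not CLI-tunable

@dataclass
class NatOverload:
    outside_addrs: list                 # pool, or [interface address]
    legacy: bool = False                # True = behaviour before 12.1(10.1)
    now: int = 0                        # deterministic clock (seconds)
    table: dict = field(default_factory=dict)  # (inside_ip, proto) -> (addr, expiry)

    def add_session(self, inside_ip, proto="tcp"):
        """Normal address+port translation; never expires in this toy model."""
        self.table[(inside_ip, proto)] = (self.outside_addrs[0], None)

    def expire(self):
        self.table = {k: v for k, v in self.table.items()
                      if v[1] is None or v[1] > self.now}

    def translate_icmp_error(self, inside_ip):
        """Outside address used for an ICMP error from inside_ip, or None if dropped."""
        self.expire()
        simple = "icmp" if self.legacy else "icmperr"
        if (inside_ip, simple) in self.table:       # existing simple entry: reuse
            return self.table[(inside_ip, simple)][0]
        if self.legacy:
            # Old code needs a whole address free; with interface overload or an
            # exhausted pool there is none, so the ICMP error is dropped
            used = {v[0] for v in self.table.values()}
            free = [a for a in self.outside_addrs if a not in used]
            if not free:
                return None
            self.table[(inside_ip, simple)] = (free[0], None)
            return free[0]
        # 12.1(10.1)+: any address will do; the simple entry is tagged proto=icmperr,
        # only translates ICMP errors from this inside host, and expires in 60 s
        addr = self.outside_addrs[0]
        self.table[(inside_ip, simple)] = (addr, self.now + ICMPERR_TIMEOUT)
        return addr

def demo():
    """Interface overload (one address) while 10.0.0.5 already holds a TCP session."""
    old, new = NatOverload(["203.0.113.1"], legacy=True), NatOverload(["203.0.113.1"])
    for box in (old, new):
        box.add_session("10.0.0.5")
    dropped = old.translate_icmp_error("10.0.0.7")   # None: old code drops it
    passed = new.translate_icmp_error("10.0.0.7")    # '203.0.113.1'
    before = ("10.0.0.7", "icmperr") in new.table    # True: simple entry created
    new.now = 61                                     # past the 1-minute timeout
    new.expire()
    return dropped, passed, before, ("10.0.0.7", "icmperr") in new.table
```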