Cisco 1800 NAT problem

Discussion in 'Cisco' started by azrael, Nov 22, 2006.

  1. azrael

    azrael

    Joined:
    Nov 22, 2006
    Messages:
    2
    Hi,

    I've got a Cisco 1801 connected to ADSL. I'm having problems with my NAT - it seems to come to a halt after a few minutes when I have a torrent running. I know p2p opens up a lot of connections - but surely it should be able to cope? What can I do? After a few minutes of downloading any torrent I can not open any websites on any of my machines. If I do a clear nat translations * then it's fine again. I also seem to be getting alot of NAT misses (I'm not sure what is normal.).

    My bittorrent client is configured to establish connections on tcp port 52000. So on my cisco I've got the following:

    ip nat inside source list 1 interface Dialer1 overload
    ip nat inside source static tcp 192.168.0.254 52000 interface Dialer1 52000


    with vlan1 and fastethernet0 on the inside and dialer1 on the outside.

    After roughly 30 minutes my show ip nat stat looks like this:

    Total active translations: 787 (0 static, 787 dynamic; 786 extended)
    Outside interfaces:
    Dialer1, Virtual-Access1
    Inside interfaces:
    FastEthernet0, Vlan1
    Hits: 157142 Misses: 8461
    CEF Translated packets: 133639, CEF Punted packets: 44141
    Expired translations: 7885
    Dynamic mappings:
    -- Inside Source
    [Id: 1] access-list 1 interface Dialer1 refcount 12
    Queued Packets: 0

    ....and I cannot open up any sites, but the torrent is still going full speed - as is my open remote desktop connection.

    Any ideas?

    Thank you!
     
    azrael, Nov 22, 2006
    #1
    1. Advertising

  2. azrael

    Zakkas

    Joined:
    Apr 26, 2006
    Messages:
    15
    Do you have any IPSEC tunnels configured on this router? I had this exact problem on an 1841 where no Internet access was possible and no statically translated IP's were accessible. Clearing the ip nat translations solved the problem temporarily. On our router we had many site-to-site VPNs configured. The problem turned out to be because the router was unable to differentiate between what got NAT'd and what didn't because of the 5 static translations that I had configured. I had to configure 2 NONAT route-maps. One for the static translations and one for the NAT translation statement.


    Also try removing your static translation and let it run for a bit and see what happens.
     
    Zakkas, Nov 22, 2006
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Kai
    Replies:
    1
    Views:
    1,078
    Ivan Ostreš
    Dec 13, 2004
  2. John Strow

    Cisco 2600 and 1800 number

    John Strow, Apr 30, 2005, in forum: Cisco
    Replies:
    0
    Views:
    406
    John Strow
    Apr 30, 2005
  3. azrael

    Cisco 1800 NAT problem

    azrael, Nov 22, 2006, in forum: Hardware
    Replies:
    0
    Views:
    928
    azrael
    Nov 22, 2006
  4. simba
    Replies:
    2
    Views:
    1,391
    Slash2007
    Sep 25, 2007
  5. dgh94703@yahoo.com

    NAT woes Cisco 1800

    dgh94703@yahoo.com, Mar 19, 2008, in forum: Cisco
    Replies:
    1
    Views:
    626
    Scooty
    Mar 20, 2008
Loading...

Share This Page