Got it

NAT Network IP Address Translation Failures

1108 0 0 0 0

Common causes are as follows:

  • NAT configuration is incorrect. As a result, sessions fail to be set up.

  • The NAT gateway fails to connect to an external host as no route is configured for the NAT gateway.

  • An ACL is configured incorrectly.

  • An internal host fails to connect to the NAT gateway.

  • ALG is disabled

Fault Locating Flowchart

Troubleshooting NAT network IP address translation failures 
fig_dc_ne_trouble_nat_0001.png

Troubleshooting Procedure

  1. Check whether information about NAT sessions is correct.

    Run the display nat session table slot slot-id [ engine engine-id | card card-id ] command and check whether NAT session information is correct. For example:

    <HUAWEI> display nat session table slot 1 engine 0
    This operation will take a few minutes. Press 'Ctrl+C' to break ...
    Slot: 1 Engine: 0
    Current total sessions: 1.
      udp: 192.168.3.198:1234[172.23.1.2:2234]--> 10.20.20.20:1024
    
    • If a protocol, IP address, or port number in the command output is incorrect, check NAT configurations. If there are incorrect NAT parameters, reconfigure them.

      For information about how to configure NAT services, see Configuring Basic NAT Functions in HUAWEI NetEngine40E Configuration Guide - NAT and IPv6 Transition Technologies.

    • If the protocol, IP address, and port number in the command output are correct, go to 2.

  2. Check whether a NAT device is correctly connected to an external destination host.

    Run the ping command on the NAT device to ping the external destination host.

    • If the ping fails, perform the following operations:

      1. Run the display ip routing-table command to view routing table information. Check whether a NAT device has a reachable route to the external destination host. If the route is unreachable, reconfigure a route as needed:
        • Configure a static route on the NAT server if the following conditions are met:
          • The address of the external destination host is on a different segment from that of the external network interface on the NAT device.
          • No corresponding route is configured on the NAT device.
          After the static route is configured, an intranet packet can then be forwarded through the static route after being processed on the NAT device.
        • A static route does not need to be configured on the NAT device if the IP address of the external destination host is on the same segment as that of the external network interface on the NAT device.

      2. Check whether the IP address of the external network interface on the NAT device conflicts with that of the external destination host. If the two IP addresses conflict, re-configure a NAT address pool.

    • If the NAT device can ping the external host, go to 3.

  3. Check whether a route is correctly configured for an intranet host.

    Run the display ip routing-table command to check whether a correct route is configured for the intranet host.

    • If the route to the intranet host is unreachable, reconfigure the route.

    • If the route to the intranet host is reachable, go to 4.

  4. Contact Huawei and provide the following information:

    • Results of this troubleshooting procedure

    • Configuration, log, and alarm files

 

  • x
  • convention:

Comment

You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.