OA5510 ip filtering unstable - works sporadically.. help..

Post Reply
User avatar
milenski
Member
Posts: 26
Joined: 06 Jan 2010 08:35

OA5510 ip filtering unstable - works sporadically.. help..

Post by milenski » 26 Feb 2010 09:03

I have configured NAT and I have configured an IP filter to prevent a certain IP address.

The problem is that the filter won't let any traffic for a while and eventually start working lets say 15 minutes after I have been trying ping and http requests - if I reboot the 5510 USG it works, if I leave it idle - without any traffic for a while, it stops working... 0_o It works, then it doesn't and than it works again - wtf am I doing wrong.. :mad:

Attached is my configuration..
You do not have the required permissions to view the files attached to this post.

User avatar
milenski
Member
Posts: 26
Joined: 06 Jan 2010 08:35

oops

Post by milenski » 26 Feb 2010 12:42

Removed all ip filtering, turns out that the problem persists - I guess NAT is not configured properly or is not working properly for some reason... Will investigate further on Monday. Any Ideas are welcome.:)

User avatar
benny
Alcatel Unleashed Certified Guru
Alcatel Unleashed Certified Guru
Posts: 745
Joined: 20 Oct 2007 14:51
Contact:

Post by benny » 27 Feb 2010 03:20

Maybe your WAN connection disconnects if idle for some time?

-b
Regards,
Benny

User avatar
milenski
Member
Posts: 26
Joined: 06 Jan 2010 08:35

Post by milenski » 27 Feb 2010 06:08

No, my wan connection is ok, NAT stops working for some reason..

User avatar
cedric1
Member
Posts: 603
Joined: 26 May 2009 18:00
Location: Luxembourg ACSE R6

Post by cedric1 » 01 Mar 2010 16:24

open a case to ALU

User avatar
murraya
Alcatel Unleashed Certified Guru
Alcatel Unleashed Certified Guru
Posts: 900
Joined: 16 Oct 2007 02:35

Post by murraya » 02 Mar 2010 01:41

yep, please do. mine does the same with just NAT activated. can you let us know how you get on please
Best Regards
Murray

ACSE 10.0 corporate
ACSE 6.x IPT data

User avatar
murraya
Alcatel Unleashed Certified Guru
Alcatel Unleashed Certified Guru
Posts: 900
Joined: 16 Oct 2007 02:35

Post by murraya » 08 Mar 2010 05:03

I have found two ways to get the NAT back when it stops...
1 reboot (simple really)
2 unplug the WAN (fast ethernet port) then plug it back in.
Not really a fix, how are you getting on Milenski?
Best Regards
Murray

ACSE 10.0 corporate
ACSE 6.x IPT data

User avatar
milenski
Member
Posts: 26
Joined: 06 Jan 2010 08:35

Post by milenski » 29 Sep 2010 07:43

Long time, no see:) but I am back.. Could you post your running configuration with NAT enabled, so that I can compare to mine?

User avatar
murraya
Alcatel Unleashed Certified Guru
Alcatel Unleashed Certified Guru
Posts: 900
Joined: 16 Oct 2007 02:35

Post by murraya » 30 Sep 2010 00:44

Hi, not sure if any use to you at present as I have had beta software written to fix my issue on NAT for SIP.
What type of NAT are you doing? is it for incoming from WAN or outgoing like SIP?
If the later then the firewall only stays open for a while so for incoming to remain open you need to have a keep alive like "sip option" configured.
Best Regards
Murray

ACSE 10.0 corporate
ACSE 6.x IPT data

User avatar
milenski
Member
Posts: 26
Joined: 06 Jan 2010 08:35

NAT not working

Post by milenski » 30 Sep 2010 06:32

Hi, well I have configured source nat, so that I am able to provide internet to some users using one WAN ip address. The configuration is:



interface FastEthernet0
ip address 192.168.92.158/24
no shutdown
top

ip route 0.0.0.0/0 192.168.92.1 //default gw of the router

match-list Nat
1 tcp interface Vlan 2 any
2 icmp interface Vlan 2 any
3 udp interface Vlan 2 any

ip nat TestNat
1 match any Nat source-nat static

interface FastEthernet0
ip nat out TestNat

ip-policy nat

Actually - the whole configuration is in the attachment.
Would you like to exchange skype nicknames, sothat we can help each other on 5510 issues. I am also working with OXE.
You do not have the required permissions to view the files attached to this post.

Post Reply

Return to “OmniAccess 5510”