Removing Cisco router static nat entries
Removing static nat entries from a Cisco router sometimes generates the error:
1 |
%Static entry in use, cannot remove |
This can be reliably overcome by stopping all inside and outside nat before removing the entry. This procedure is shown below.
However, I have always been able to remove the entry by clearing the current nat translations, then immediately removing the nat entry before another translation can be initiated. I managed this by typing the appropriate commands into a text editor, then copying and pasting them into the Cisco router terminal session, having entered config term to get to the (config)# prompt. Sometimes it takes a few tries to get the no ip nat directive executed before a new translation is initiated.
Here is a sample of the text I copy and paste. (Make sure you include the carriage-return at the end of the second line of text you copy, so the second line gets executed immediately when pasted.)
1 2 3 |
do clear ip nat translation * no ip nat inside source static tcp 192.168.17.175 80 interface Dialer1 80 |
If you can’t seem to get the “no ip nat” directive executed before a new translation is initiated, here is the full procedure. (Beware trying to do this via a connection that itself relies on a nat translation – your connection will drop.)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
config term interface vlan1 no ip nat inside exit interface Dialer1 no ip nat outside exit do clear ip nat translation forced no ip nat inside source static tcp 192.168.17.175 80 interface Dialer1 80 interface vlan1 ip nat inside exit interface Dialer1 ip nat outside exit exit |
Of course, once you’ve removed the static entry successfully, you can copy the current configuration to the startup configuration:
1 |
copy running-config startup-config |