NAT Server Configuration Does Not Take Effect and the Interface Is Occupied

Publication Date:  2015-04-01 Views:  290 Downloads:  0
Issue Description
Networking:




Fault Symptom:


When the NAT server is configured on the AR, the following information is displayed:

[AR-GigabitEthernet0/0/1] nat server protocol tcp global current-interface 2000 inside 10.10.10.77 1025 Info: The port is already in use, please use the other free ports

Handling Process
The NAT server can be configured on Port 1999 and port 2001, but cannot on port 2000, indicating that port 2000 is occupied by other services.

Users must configure the NAT server on port 2000. Therefore, the service which is occupying port 2000 must be identified.

Run the display network status all command to view the tasks that occupy all the TCP/UDP port numbers.

[AR] display network status all Proto Task/SockId Local Addr&Port          Foreign Addr&Port        State TCP   FTPS/1      0.0.0.0:21               0.0.0.0:0                Listening TCP   _S0f/1      0.0.0.0:23               0.0.0.0:0                Listening TCP   Sess/1      0.0.0.0:80               0.0.0.0:0                Listening TCP   _S0f/8      172.17.1.188:23          192.136.64.12:3609       Established TCP6  _S0f/2      ::->23                   ::->0                    Listening UDP   NTPT/2      0.0.0.0:123              0.0.0.0:0 UDP   _S0f/1      0.0.0.0:161              0.0.0.0:0 UDP   WEB /1      0.0.0.0:2000             0.0.0.0:0                 UDP   HTPD/1      0.0.0.0:2100             0.0.0.0:0 UDP   HTPD/3      0.0.0.0:7073             0.0.0.0:0 UDP   HTPD/2      0.0.0.0:50100            0.0.0.0:0 UDP   _S0f/2      0.0.0.0:52851            0.0.0.0:0 UDP6  NTPT/1      ::->123                  ::->0 UDP6  SNP6/1      ::->161                  ::->0 UDP6  SNP6/2      ::->49152                ::->0 [Huawei]

The web task occupies port 2000. The web service is configured (web-auth-server listening-port 2000). Run the web-auth-server listening-port command to change the web port number. The fault is rectified.

Suggestions
Check whether the selected port number is occupied by other services before configuring the NAT server port number.
  • Run the display ip socket socket-type 2 command to view port numbers occupied by all the UDP protocols.
  • Run the display tcp status command to view port numbers occupied by all the TCP protocols.
  • Run the display network status all command to view port numbers occupied by all the TCP/UDP protocols.

END