Upgrade - Lost outbound NAT



  • Hello,

    I have upgraded from 2.3.2 to 2.3.2 P1. After the reboot, the section "Outbound NAT" was lost.

    Before, the mode was in manual mode and after the upgrade, the mode was automatic with any value.

    To fix it, i have restore the NAT section in the config file and now i have all my oubound nat values.

    Do you have hear about this issue ? Do you know what might have caused this ?

    Thanks.



  • Same thing just happened to me on 2.3.3-RELEASE-p1.  All I did was disable one of my outbound NAT rules.  After disabling, it changed to automatic and cleared the outbound rules before I even hit "apply changes" in the top right.  Luckily I have a backup but still a hassle.



  • It works for me. I have tried disabling a manual outbound NAT rule from the front page of rules, and using the "disable" checkbox when editing the rule. Both work fine.

    Please give some detail of exactly what settings were there, what you clicked, and what was the result. If you have a way to make it go wrong, do tell.


  • Rebel Alliance Developer Netgate

    If you still have the pre- and post-upgrade configuration backups, do a diff on them and see what changed. I have seen a handful of complaints about that happening over the years but never any substantiating information and I've never seen it reproduced.



  • After further troubleshooting this issue, it turns out that my whole entire config file became truncated after changing a NAT rule.  I restored from the old config and all was ok.

    So, today I just made a simple change to one of my gateways, and the same thing happened.  Huge percentage of the config file truncated and had to restore from backup.  These are the these entries in my "Config History" page after it became screwed up.  Shows the old (correct) 147KiB config, then the truncated file that lost many settings.

    4/4/17 13:23:05 15.8 24 KiB admin@10.75.0.103: /system_gateways_edit.php made unknown change
    4/4/17 13:11:25 15.8 24 KiB Unknown
    3/29/17 01:17:37 15.8 147 KiB admin@10.75.0.103: /vpn_openvpn_client.php made unknown change

    It does not seem consistent where the file is being cut off.  One time it was in the middle of certificate PEM data, another time in the middle of a random vpn client profile (different certs).  Very strange.  Are there any other logs I should be looking at?


  • Rebel Alliance Developer Netgate

    Given those symptoms I'd be more concerned about the hardware than anything. Or the filesystem integrity at least.

    Unless the disk is full or something cut off the write (e.g. failing disk/media), it wouldn't just stop writing the config partway.


Log in to reply