Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Nat and pix config

Reply
Thread Tools

Nat and pix config

 
 
rhltechie@gmail.com
Guest
Posts: n/a
 
      06-15-2006
Hi All,


I recently deleted one of my nat statements because i needed to change
the address the inside was being natted to. well i removed the old and
added a new. i see it in the running config. but when i ping from the
outside world, the old address still answers and the new one does not.
what could i be missing? i had to do this while the internal server
was still up and running, could it be holding on to that public ip
until i reboot both the pix and the server?

TIA,

R

 
Reply With Quote
 
 
 
 
tghaas@gmail.com
Guest
Posts: n/a
 
      06-15-2006
You will have to do a "clear xlate global x.x.x.x" to clear the old
nat.

You should be able to see the current translations by doing a "sho
xlate"

TGH

http://www.velocityreviews.com/forums/(E-Mail Removed) wrote:
> Hi All,
>
>
> I recently deleted one of my nat statements because i needed to change
> the address the inside was being natted to. well i removed the old and
> added a new. i see it in the running config. but when i ping from the
> outside world, the old address still answers and the new one does not.
> what could i be missing? i had to do this while the internal server
> was still up and running, could it be holding on to that public ip
> until i reboot both the pix and the server?
>
> TIA,
>
> R


 
Reply With Quote
 
 
 
 
mcaissie
Guest
Posts: n/a
 
      06-15-2006
Deleting the translation rule does not delete the translation itself .

To do so , do a "clear xlate" . You can see the existing translation
with "sh xlate".

As soon as the xlate for your inside IP is deleted it will create a new
one
using your new rule . No reboot is needed.

Be carefull , if you do a "clear xlate" without specification you will
clear all xlates , and
will disconnect all existing sessions , wich may be (or may be not )
critical, depending on the
nature of services provided through your PIX.


clear xlate [global | local ip1[-ip2] [netmask mask]] lport | gport
port[-port]]
[interface if1[,if2][,ifn]] [state static [,dump] [,portmap] [,norandomseq]
[,identity]]

show xlate [detail] [global | local ip1 [-ip2] [netmask mask]] lport | gport
port [-port]]
[interface if1 [,if2] [,ifn]] [state static [,dump] [,portmap]
[,norandomseq] [,identity]] [debug] [count]









<(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ups.com...
> Hi All,
>
>
> I recently deleted one of my nat statements because i needed to change
> the address the inside was being natted to. well i removed the old and
> added a new. i see it in the running config. but when i ping from the
> outside world, the old address still answers and the new one does not.
> what could i be missing? i had to do this while the internal server
> was still up and running, could it be holding on to that public ip
> until i reboot both the pix and the server?
>
> TIA,
>
> R
>



 
Reply With Quote
 
rhltechie@gmail.com
Guest
Posts: n/a
 
      06-15-2006
Thanks so much! everything is ok now.


mcaissie wrote:
> Deleting the translation rule does not delete the translation itself .
>
> To do so , do a "clear xlate" . You can see the existing translation
> with "sh xlate".
>
> As soon as the xlate for your inside IP is deleted it will create a new
> one
> using your new rule . No reboot is needed.
>
> Be carefull , if you do a "clear xlate" without specification you will
> clear all xlates , and
> will disconnect all existing sessions , wich may be (or may be not )
> critical, depending on the
> nature of services provided through your PIX.
>
>
> clear xlate [global | local ip1[-ip2] [netmask mask]] lport | gport
> port[-port]]
> [interface if1[,if2][,ifn]] [state static [,dump] [,portmap] [,norandomseq]
> [,identity]]
>
> show xlate [detail] [global | local ip1 [-ip2] [netmask mask]] lport | gport
> port [-port]]
> [interface if1 [,if2] [,ifn]] [state static [,dump] [,portmap]
> [,norandomseq] [,identity]] [debug] [count]
>
>
>
>
>
>
>
>
>
> <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed) ups.com...
> > Hi All,
> >
> >
> > I recently deleted one of my nat statements because i needed to change
> > the address the inside was being natted to. well i removed the old and
> > added a new. i see it in the running config. but when i ping from the
> > outside world, the old address still answers and the new one does not.
> > what could i be missing? i had to do this while the internal server
> > was still up and running, could it be holding on to that public ip
> > until i reboot both the pix and the server?
> >
> > TIA,
> >
> > R
> >


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
PIX - mixing "nat 0 access-list" with nat/global pools Matthew Melbourne Cisco 2 02-12-2005 03:17 PM
tftp to srvr behind pix: use nat or no-nat? Jose Cisco 3 10-24-2004 02:42 PM
PIX Policy NAT: order of NAT commands Oleg Tipisov Cisco 4 08-13-2004 07:13 PM
PIX to PIX VPN and VPN Client to PIX Config Example? GVB Cisco 1 02-06-2004 07:44 PM
[pix] desperatly need help with PIX-to-PIX config Remco Bressers Cisco 1 11-21-2003 08:58 PM



Advertisments