Discussion in 'Cisco' started by Toni P., May 10, 2006.

  Toni P.

    Toni P. Guest


    We have a Cisco Pix (525) that requires doing a clear xlate command
    about once daily when people randomly do not have access to outside

    If I do a sho xlate after it clears and we are not roaming to a good
    portion of the range we have.

    Any ideas as to what is causing this? The config is right and there
    are no virus issues.Let me know what you might think is causing this.

    Thanks much,

    Toni P., May 10, 2006
  2. I gather that you imply that you have a global (outside) IP range
    but no global (outside) PAT, and that you are finding that even
    though your outside IP range is not being fully used, that you
    are running out of connection IPs.

    If that's the case, it would be interesting to see the syslog
    messages. Also, I would cross-check to see whether the global IP
    range overlaps with one of the statics -- that's unsupported
    except if the static is a PAT.
    Walter Roberson, May 10, 2006
  Toni P.

    Toni P. Guest


    523 for the OS
    xlate is set at 5 seconds currently. We have had it 3 hours and 30
    minutes as well and have had this problem at both.
    Here's more information:
    nat (inside) 0 access-list 101
    nat (inside) 1 0 0
    sho global
    global (outside) 1
    global (outside) 1
    global (outside) 1
    global (outside) 1

    Hopefully this helps.

    Thanks, Toni P.
    Toni P., May 11, 2006
