Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
419
Views
0
Helpful
2
Replies

clear xlate

aksher
Level 1
Level 1

‎11-14-2007 08:15 PM - edited ‎03-09-2019 07:23 PM

For a couple of times we had to clear xlate for a particular machine on FWSM.

Background:

1.Server is able to ping till the interface ip of the FWSM.

2.Server is not able to connect on any port to ohter servers in other VLANS.

Appreciate your help on this.

Labels:
0 Helpful
2 Replies 2

Not applicable

‎11-20-2007 02:39 PM

There are some NAT commands that are involved in an access-list change, like NAT0ACL and policy NAT. In these 2 cases, a change in the access-lists implicitly changes the rules of the NAT, and a 'clear xlate' is required. Refer usage guidelines of http://www.cisco.com/en/US/docs/security/fwsm/fwsm22/command/reference/c.html#wp1217767. Generally this can also happen when the ip addresses are not available for translation. If this is the case you can consider implementing PAT.

0 Helpful

abdave
Level 1
Level 1

‎12-02-2007 11:50 PM

clear xlate normally require when there is no further IPs are left for translation between private and public IP.you can reduce the refreash time . I guess bydefault it is 3 days.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents