Pix 501 Dynamic NAT and Static NAT

Unanswered Question
Apr 23rd, 2008

I have a pix 501 with pix version 6.3(4)


I currently have static nat. I want to leave the static nat and add a dynamic nat for a block of say 30 addresses. I need the address to release if there is no activity for say an hour. Would appreciate any help or input on this issue.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Wed, 04/23/2008 - 11:10

nat (inside) 2 10.5.1.0 255.255.255.0

global (outside) 2 172.16.5.1-172.16.5.30


You can decrease the xlate timeout on the pix with


timeout xlate 1:00:00


default is 3 hours. Do "sh timeout" to see defaults.


Bear in mind that the timeout settings on pix v6.x are global so this will affect all xlates.


Jon



Actions

This Discussion