Pix 501 Dynamic NAT and Static NAT

Unanswered Question
Apr 23rd, 2008

I have a pix 501 with pix version 6.3(4)

I currently have static nat. I want to leave the static nat and add a dynamic nat for a block of say 30 addresses. I need the address to release if there is no activity for say an hour. Would appreciate any help or input on this issue.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Wed, 04/23/2008 - 11:10

nat (inside) 2 10.5.1.0 255.255.255.0

global (outside) 2 172.16.5.1-172.16.5.30

You can decrease the xlate timeout on the pix with

timeout xlate 1:00:00

default is 3 hours. Do "sh timeout" to see defaults.

Bear in mind that the timeout settings on pix v6.x are global so this will affect all xlates.

Jon

Actions

This Discussion