07-24-2008 11:20 PM - edited 02-21-2020 02:56 AM
Hi guys, I have a dmz network in the company I worked. A private network is connected to the DMZ interface of ASA 5510. I notices that every morning I have to issue the "clear xlate" command in the IOS so that computers can connect to the Internet.
Can you help me in fixing this guys? Please.... Thanks....
07-25-2008 03:54 PM
post the config please - could be the xlate timeout might be an issue, are you doing PAT or specific Interface NAT...you could be running out of slots (unlikely as there 65xxx) or IP addresses if you are doing 1 two 1 NAT!
HTH>
07-25-2008 06:41 PM
Hi, thanks for the reply. The xlate timeout was set to 3:00:00. Is it just ok? I was using NAT but for less than 10 IP addresses.
What you think is the problem? Do I still have to post the config?
07-26-2008 11:16 AM
That is the default and generally that setting is OK. What device & version of IOS are you running?
07-27-2008 11:54 PM
07-28-2008 12:13 AM
Hi,
NAT the DMZ ip subnet with a specific public IP and not with the outiside interface.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: