cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1987
Views
0
Helpful
2
Replies

NAT/PAT Pool exhausted

vaidyasagar15
Level 1
Level 1

We are using ASA 5555-X with 9.1.1 IOS version.

We are continuously receiving below logs from my standby Firewall since last 3 days:
 

%ASA-3-202010: NAT/PAT pool exhausted. Unable to create connection.
%ASA-3-202010: NAT/PAT pool exhausted. Unable to create connection.
%ASA-3-202010: NAT/PAT pool exhausted. Unable to create connection.
%ASA-3-202010: NAT/PAT pool exhausted. Unable to create connection.
%ASA-3-202010: NAT/PAT pool exhausted. Unable to create connection.

 

We have yet not observed any impact.

 

I have already checked my NATing entries, no discripencies observed, also we have enough memory.

 

Please, can anyone assist what might be causing to generate these alerts.

2 Replies 2

vaidyasagar15
Level 1
Level 1

Can someone provide input on this please.

Hi,

 

Well I would suggest listing all your NAT configurations that use a NAT Pool. In those cases it would also be a good idea to have a PAT address attached to the configuration that the users connections would use when the NAT pool is exhausted.

 

Also is there any logs about the actual connections which are being blocked because of the ASA not being able to perform the NAT?

 

Are you saying that you have not heard about any connectivity problems from anyone?

 

It would be important to know what NAT configuration this error refers to so we could check what the problem is.

 

Naturally wihtout knowing anything about your actual configurations its hard to say what the problem is other than what the message seems to imply which is either too small NAT Pool configured for users (typically nowadays one would use PAT only) or perhaps this is related to some configuration error.

 

Only problem I have witnessed so far related to bug was in software level 8.4 where the ASA had several NAT + PAT configurations for users and the ASA suddenly stopped using the PAT configuration when the NAT Pool was completely in use.

 

- Jouni

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: