Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

"Out of translation slots"

Unanswered Question
Jan 23rd, 2003
User Badges:

I have recently starting having a problem with running out of translation slots. I have 2 global PAT's setup that should give me more than enough. I think the problem is that connection are getting disconnected, even though I have my xlate and conn timeouts set low. It takes about a day, but I eventually totally running out of translation slots and I have to clear xlate...Any help would be appreciated...

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
mpalardy Thu, 01/23/2003 - 08:17
User Badges:
  • Bronze, 100 points or more

What exactly are those values ? (timeout and provided me with global)

What's the output of show xlate. There's may be a host whitch use all this ressource on PIX.


j-toates Thu, 01/23/2003 - 08:49
User Badges:

xconn value is set to 30min (temp)

conn value set to 30min (temp)

show xlate doesn't really show anything out of the ordinary..There are multiple hosts, although some host have multiple translates..

Shouldn't these xlates timeout after 30 mintues then drop..

Thanks for the reply

mpalardy Thu, 01/23/2003 - 11:44
User Badges:
  • Bronze, 100 points or more

Xlate will be dropped after 30 minutes of idle (inactivity).

Since timeout value are equal between xlate and conn. I'd give it a BIG try by increasing xlate timeout to 00:40:00.

May be a reload of your pix would be good.

Anybody have a better idea.

What version of PIX do you run ?

reinke Mon, 01/27/2003 - 04:55
User Badges:

Just a little bit brainstorming:

PAT uses different default timeouts than NAT (30 seconds versus 3 hours). 30 seconds are used to save ressources: If PAT is in use, every session needs its own xlate, because we need ip addresses and port numbers!

I am not shure if there is a nob to change the default timeout for xlates which are based on PAT.

What about License:

- Do you use a UR license?

- Do you use a pix 501 with a 10 user license?



This Discussion