I am installing an ASA 5540 in front of a client router. The Client requires no more than a 1:32 NAT translation ratio. I have over 3500 users so this equals out to be 110 NAT translations in the configuration.
Can anyone tell me if there is a limit that I would be exceeding on the 5540 and or if there would be a better way to set this up?
Each new TCP connection initiated from the inside gets a 1-1 NAT for as long as the connection is active. Once it is closed, that XLATE entry clears and that IP is available once again for the pool to assign dynamically. If the pool is exhausted, the last pool address will be used as a PAT.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...