Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

How do I reset "show xlate count"?

Hi

We recently had a surge in outside xlates and the counter for xlate most used shot up to 65700. Out average xlate count is 1500 and this makes the xlate monitoring graph hard to interpret.

Is it possible to reset this "most used" counter?

Regards

Fredrik

5 REPLIES
New Member

Re: How do I reset "show xlate count"?

use #clear xlate

New Member

Re: How do I reset "show xlate count"?

clear xlate did not do the trick. 65700 is still the "most used" xlate count.

I use a context based FWSM version 3.1(10) if that makes any difference.

/Fredrik

Hall of Fame Super Blue

Re: How do I reset "show xlate count"?

Fredrik

I'm sure you know this but just in case please do not use "clear xlate" as suggested in previous post as this will remove all active translations.

Jon

Re: How do I reset "show xlate count"?

i agree with jon.

If you must clear the xlate table, do so at a time of low usage or during a downtime window.

Francisco

Re: How do I reset "show xlate count"?

You can also adjust various idle timers that affect address translations and connections maintained by the firewall. Use the following commands if you feel a timeout adjustment is needed:

Xlate entry timer:

Firewall(config)# timeout xlate hh[:mm[:ss]]

By default, xlate entries involving TCP connections are be deleted after they have been idle (no data passed) for 3 hours. The minimum idle time is 1 minute, but the xlate idle timer can't be set to a value that is less than the uauth timer (the default is 5 minutes).

Xlate portmap (PAT) entries created for UDP always idle out after 30 seconds. This idle timer cannot be configured.

Francisco

776
Views
5
Helpful
5
Replies
CreatePlease to create content