Cisco Support Community
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

NAT's not working after idle, or in middle of session

I have an issue with the fact that my PIX is nat'ing my network correctly.  However, every so often I get an issue where the network we are accessing via the NAT'ed addresses stops responding.  We use alot of web based apps so we will recieve a page cannot be displayed error.  Clear xlate global (nat pool address) and then restablishing the connection to the web app corrects the problem.

This is not consistant as some of my users don't ever have the issue, and others get it after being idle for a while, and yet others get it in the middle of working inside the apps.  This is very confusing and I really need some help.  Also, if I enter statics for each device it works great and never have the issue, however I don't think that using the statics is a solution, but more of a work around.  I know the PIX 515e v7.2 should be able to handle this, I'm hoping someone has seen this before and could possibly offer some assistance.

Everyone's tags (4)
Cisco Employee

Re: NAT's not working after idle, or in middle of session


When the problem happens we need to collect the following to see what may be going on.

sh xlate count

sh xlate debug | i x.x.x.x

where x.x.x. is the host that is unable to reach the internet.

sh log | i x.x.x.x ---> make sure to enable loggin buffered to debug level

conf t

loggin on

logging buffered 7


CreatePlease to create content