Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

translation limit on pix/asa

Hi,

Is there any limits on amount of translation that pix/asa can handle concurrently. Any commands to see this & for correcting it.

Thanks.

9 REPLIES

Re: translation limit on pix/asa

65535 is the limit for translation slots, this of course refers to PAT and not static NAT.

The limit is set by the amount of TCP/UDP ports numbers available in the TCP/IP stack.

HTH>

New Member

Re: translation limit on pix/asa

Correct.

If you're reaching the theoretical limit of translations, you should be investing in more IP's for further translations.

Ports 1024+ is available of the 65535 for each IP you use.

However please note:

Depending on your ASA/PIX your unit may have lower limits on max translations based on its processor and memory capabilities.

Re: translation limit on pix/asa

Also, just a heads up if youre using ASA5505, you have a host license, which can be 10, 50 or unlimited users going through the asa at the same time.

New Member

Re: translation limit on pix/asa

Can you please tell me how me how many muximum ip address can be natted with single public ip address.

Re: translation limit on pix/asa

1:1 NAT = 1

1:Many PAT = 65535

HTH>

New Member

Re: translation limit on pix/asa

Thnx Andrew,

Did you meen to say, i can nat 65535 IP addresses to one IP address?

Re: translation limit on pix/asa

Not really!! with a 1:many - you will be using Port Address Tranlsation. You could have 1000 internal IP addresses and NAT them to 1 external IP address - and the ASA will have a PAT translation table with specific translation ports.

You could only have 1 internal IP and you could make 10,000 seperate outbound connections to the internet and the same priciple applies.

For every seperate outbound connection, the ASA creates 1 x PAT table entry. So that would be 65535-1 = 65534 left.

HTH>

New Member

Re: translation limit on pix/asa

Thnx adrew,

If you have any document on this then please share with me.

Re: translation limit on pix/asa

923
Views
0
Helpful
9
Replies