Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Cisco Employee

Weird Xlate working - Xlate ip pool was xlated again on ASASM

Hi Experts.

Our customer has ASASM for their security.

Their firewall mode is a transparent mode as below.

Vlan 12 ---------- Bvi------------Vlan 112

From logs, after customer source IP xlated , It also seemed to be xlated again.

This issue occurred during a taking several min, after that this didn't occurred again.

Could you give me an idea regarding this issue?

1. Problem Description

    - Customer checked lots of xlate table increasing on their ASASM
   -  Xlate syslogs seemed to be weird because that’s source IPs were same with their PAT ip pool.

2.  Log Information

Sep 09 2014 14:06:46: %ASA-6-302013: Built outbound TCP connection 737959709 for outside:210.118.50.17/1720 (210.118.50.17/1720) to inside:203.244.219.17/62657 (203.244.219.4/62657)

Sep 09 2014 14:06:46: %ASA-6-302013: Built outbound TCP connection 737959710 for outside:210.118.50.23/1720 (210.118.50.23/1720) to inside:203.244.219.17/12630 (203.244.219.4/12630)

Sep 09 2014 14:06:46: %ASA-6-302013: Built outbound TCP connection 737959711 for outside:210.118.50.25/1720 (210.118.50.25/1720) to inside:203.244.219.57/17964 (203.244.219.17/7976)

object network 203.244.219.1-249

range 203.244.219.1 203.244.219.249

object network 203.244.219.250

host 203.244.219.250

object network 203.244.219.251

host 203.244.219.251

object network 203.244.219.252

host 203.244.219.252

object-group network global1

network-object object 203.244.219.1-249

network-object object 203.244.219.250

network-object object 203.244.219.251

network-object object 203.244.219.252

nat (inside,outside) source dynamic any pat-pool global1

 
3. System Information

  ASA Version 9.0(2)241

24
Views
0
Helpful
0
Replies
CreatePlease to create content