Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

NAT issue - fails on certain web sites, can't send email attach, others

We have a 7206 running 12.2(8)T doing NAT that is having issue with SOME clients that are not able to open certain web sites, send email attachments and a few other issues. If I issue a "clear ip nat translations *" then the effected clients are able to connect with no issue for approx. 45 minutes. I noticed that the translations are filling up quite quickly with connections to port 80 that are in the "timing-out" state. I see this from the "show ip nat translations verbose". It is correct to see sessions to port 80 not being removed from the translations table and have a time-out 0f 24 hours? Could it be that the sessions are not ending properly therfore the pool is being consumed with no available ports to build more translations? Any assistance would be helpful.

1 REPLY
Bronze

Re: NAT issue - fails on certain web sites, can't send email att

The default timeout value for TCP translations is 24 hours. You can try to reduce the timeout with the following command:

ip nat translation tcp-timeout

88
Views
0
Helpful
1
Replies
CreatePlease to create content