Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
388
Views
0
Helpful
2
Replies

Clear XLATE on PIX 6.3(4)

BertBruner
Level 1
Level 1

‎11-17-2005 08:46 AM - edited ‎02-21-2020 12:31 AM

On a PIX 515 with a 6.3(4) OS:

I removed a NAT Static and added a PAT static with the same local address but a different global address. I then did a "CLEAR XLATE LOCAL XXX" where XXX is the local address in the Static. "Show XLATE" displayed the new mapping, but I was unable to actually connect to the resource until doing a "CLEAR XLATE" (with no qualifiers).

Am I missing something important here? Why should it be necessary to clear more than the one existing NAT mapping for the local address?

0 Helpful
2 Replies 2

jackko
Level 7
Level 7

‎11-17-2005 05:53 PM

would it be possible that the the "mapped ip" in the new pat static statement has already been mapped to some other host?

so by clearing the xlate with the "real ip" only, it wouldn't map as the "mapped ip" is already in use.

0 Helpful

BertBruner
Level 1
Level 1
In response to jackko

‎11-18-2005 04:27 AM

No. The new new IP and port were not already assigned. In fact, a show XLATE revealed that the new mapping was in the XLATE table and there were incomming "hits" showing in the access-list.

Any ideas would be greatly appreciated.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card