Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

NATting seems to have stopped in PIX 525

We have PIX 525 with inside, outside and DMZ configured.

after some time of smooth operations, the PIX stops forwarding traffic from inside to outside. Inside to DMZ works fine.

After some time even inside to DMZ traffic stops.

We have to remove the access list statements, static NAT statements and reenter the same to get the firewall functioning again.

Has any one faced such problem, or has anybody got any solution to this?

New Member

Re: NATting seems to have stopped in PIX 525

Maybe your running out of addresses in the NAT pool. They take awhile to timeout and be made available for other hosts. Try reducing the timeout xlate and conn timers.

You might also turn on PAT. In any case, to truly see what’s going on when you lose connectivity, capture a debugging syslog file and have that ready with your configuration file for the TAC.