Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

xlate hitting max of 49000

we're working on a new network...PIX 515e with 128M ram. We are seeing dropped connectivity and noticed the problem happen when the xlate count hit 49000. We clear xlate and the problem goes away for about 5-10 minutes.

Is there any way to increase the xlate limit? We tried creating a nat pool per various subnets inside, but it didn't change the global count.

We ahve about 2200 students who I'm sure have tons of p2p apps causing the issue.

Any suggestions?

thanks!!

1 REPLY

Re: xlate hitting max of 49000

hello ,

PIX 515E supports a maximum of 1,30,000 connections. since there are close to 49,000 NAT translation entries, and if each xlate has 3 connections, it almost its the max connections that the PIX supports. Under this circumstance i think it will start dropping packets...

anyway you can decrease the xlate timeout value, which can clear out unused xlate connections... other than that, i think the hardware designed for such a high userbase is not correct. for 2200 users , you should have probably looked for a higher end PIX or ASA. also see if there are any virus problems on ur network, which has increased the xlate table...

hope this helps.. all the best.. rate replies if found useful..

Raj

173
Views
3
Helpful
1
Replies