Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

XLATEs not timing out

Has anyone had experience with XLATEs not timing out? I'm using PAT on a PIX 525 for approx 100 users. This has been working fine for a year. Recently I've been forced to do a clear xlate on every other day to free up connections on our patted address. We can get to 100,000 xlates before we hit the limit.

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions

Re: XLATEs not timing out

Sounds like a bug, take a look at CSCdy58717.

From the bug:

Workaround:

- If this condition takes long time to develop, for example, if this issue only occurs several weeks after PIX reloads, then reloading PIX is the proper workaround.

- If this condition takes shorter time to develop, say, only a couple of days after PIX reloads, or if frequent reload is not a feasible workaround, then 'clear xlate' is the proper workaround. If even 'clear xlate' does not clear all non-timing out connections, use 'clear local-host'.

- Use a version below 6.2 (or download the beta 6.3(0.124) as Cisco says it's fixed in that code, but good luck with that one!) .

Hope it helps.

Steve

1 REPLY

Re: XLATEs not timing out

Sounds like a bug, take a look at CSCdy58717.

From the bug:

Workaround:

- If this condition takes long time to develop, for example, if this issue only occurs several weeks after PIX reloads, then reloading PIX is the proper workaround.

- If this condition takes shorter time to develop, say, only a couple of days after PIX reloads, or if frequent reload is not a feasible workaround, then 'clear xlate' is the proper workaround. If even 'clear xlate' does not clear all non-timing out connections, use 'clear local-host'.

- Use a version below 6.2 (or download the beta 6.3(0.124) as Cisco says it's fixed in that code, but good luck with that one!) .

Hope it helps.

Steve

109
Views
5
Helpful
1
Replies
CreatePlease login to create content