Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1285
Views
5
Helpful
3
Replies

Clear XLATE break all current connections using NAT on the ASA?

CiscoPurpleBelt
Level 6
Level 6

‎07-23-2019 09:06 AM - edited ‎02-21-2020 09:19 AM

Clear XLATE break all current connections using NAT on the ASA?

0 Helpful
3 Replies 3

Rob Ingram
VIP
VIP

‎07-23-2019 09:36 AM

Hi,
Well it clears the nat sessions on the device and therefore the current connections, TCP applications should detect packet loss and re-transmit and a new nat session will be established.

HTH

CiscoPurpleBelt
Level 6
Level 6
In response to Rob Ingram

‎07-23-2019 09:39 AM

Awesome great!

In regards to a IPSEC VPN on ASA, can you simply add a new host or create a new object-group and add all the source hosts in the IPSEC profile on ASA without breaking anything assuming remote end has allowed the new host?
0 Helpful

Rob Ingram
VIP
VIP
In response to CiscoPurpleBelt

‎07-23-2019 09:51 AM

Yes, you can add the new network/host to the ACL or to the object group that is referenced in the ACL in use by the crypto map. Nothing should break, as long as both ends of the VPN tunnel have been configured with the same host/network with the correct mask.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card