Solved: ASA 5580 NAT problem

gasparmenendez · ‎02-03-2017

Hi people,

this morning I started an ASA 5580 for grant access to the internet to 10 CMTS's. I'm using one public ip address for each CMTS. The problem is that in real-time log I'm receiving PAT pool exhausted... like this:

%ASA-3-202010: [NAT | PAT] pool exhausted for pool-name, port range
[1-511 | 512-1023 | 1024-65535]. Unable to create protocol connection from
in-interface:src-ip/src-port to out-interface:dst-ip/dst-port
The ASA has no more address translation pools available.

is anyway to fix it?? can anybody help me please?? I'm new to ASA but I'm learnig running tests and more tests...

Thanks in advance.

BR.

Ajay Saini · ‎02-03-2017

Can you attach following outputs from ASA:

show nat detail

show xl count

sh run | in timeout

Also, try using extended or flat keywords of NAT statement depending upon the cause of this syslog generation.

http://www.cisco.com/c/en/us/td/docs/security/asa/asa-command-reference/I-R/cmdref2/n.html

-

AJ

View solution in original post

Ajay Saini · ‎02-03-2017

Can you attach following outputs from ASA:

show nat detail

show xl count

sh run | in timeout

Also, try using extended or flat keywords of NAT statement depending upon the cause of this syslog generation.

http://www.cisco.com/c/en/us/td/docs/security/asa/asa-command-reference/I-R/cmdref2/n.html

-

AJ

gasparmenendez · ‎02-03-2017

problem solved!!!

thank you very much my friend

BR

Ajay Saini · ‎02-03-2017

Glad to help. Happy weekend. !

-

AJ