Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1015
Views
0
Helpful
3
Replies

Disable Xlate in ASA 8.1

Go to solution
jpingitore
Level 1
Level 1

‎02-07-2012 08:38 AM - edited ‎03-11-2019 03:25 PM

Hi Expert,

Do you now if it is possible to disable the xlate for some connection?

The ASA has some concurrent session limitation that, I think, is related to xlate connections.

As my firewall is not performing any kind of NAT, is it possible to disabe xlate for some connections.

I saw some options like nat exemption, but i not sure if the xlate still being create even if we don't have a NAT translation.

Thanks

Jorge

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Maykol Rojas
Cisco Employee
Cisco Employee
In response to jpingitore

‎02-07-2012 09:37 AM

That is correct And it will still be working stateful, no matter if you are running NAT or not. Xlate is just one of the things that the stateful table uses, but others like source port destination port, inspections and so on are also considered when building the table.

Mike

Mike

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Maykol Rojas
Cisco Employee
Cisco Employee

‎02-07-2012 09:04 AM

Jorge,

If you are not running any kind of NAT then thats it.. The xlate timouts that you have dont take effect. They are only going to take effect is there is Xlate entries on the Xlate table.

If you dont have any NAT, the Xlate table is not going to be populated, hence any issues you may have regarding connections are not going to be affected by any of these options.

Mike

Mike
0 Helpful

Go to solution
jpingitore
Level 1
Level 1
In response to Maykol Rojas

‎02-07-2012 09:26 AM

In case I have some NATs and for some reason I don't like any kind of xlate for specific connections. Can I use NAT exemption? In this case i will not have xlate for the NAT exemption rules?

For this case, with NAT exemption, I believe that the firewall will work like stateless firewall or not?

Thanks In advanced

0 Helpful

Go to solution
Maykol Rojas
Cisco Employee
Cisco Employee
In response to jpingitore

‎02-07-2012 09:37 AM

That is correct And it will still be working stateful, no matter if you are running NAT or not. Xlate is just one of the things that the stateful table uses, but others like source port destination port, inspections and so on are also considered when building the table.

Mike

Mike
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card