cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
9512
Views
1
Helpful
11
Replies

How to Clear NAT Pool in 8.6 version of ASA 5525-X

Gurpreet Puri
Level 1
Level 1

Dear All,

 

I have an ASA 5525-X and using version 8.6.

Initially, I have used the static NAT and bind my public IP with the Local IP.

Then, the ISP got changed and I have got new list of Public IPs.

The issue here I am facing is I have tagged and provide all the configuration according to the New IP Details but still my 'sh nat pool' commands shows me previous public ip address which is leading to non-functional of new static nat.

 

Can anyone please help me how shall I clear the nat pool in 8.6 as previous to 8.3 the command used is 'clear ip nat pool' but it is no longer available in new version.

 

Any help would be appreciated.

Thanks,

Gurpreet Singh

 

Regards, Gurpreet S Puri **************************** Keep Smiling, Peace :) **************************** (Please Rate Helpful Post)
11 Replies 11

You can issue the command clear xlate.  This will clear ALL nat  enteries.

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts

Thanks Marius for replying !!!

 

I have tried this as well but not working !!!

Regards, Gurpreet S Puri **************************** Keep Smiling, Peace :) **************************** (Please Rate Helpful Post)

Your nat translations still show the old IPs?

Perhaps you need to do something a little more drastic...when you get the chance save your configuration and then restart you ASA.

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts

Yes Marius... It still shows the OLD IP.

 

I have saved the configuration and reload the ASA but it is still showing same thing.

 

Tried, Clear conn and clear traffic too but it;s not clearly the nat pool.

Regards, Gurpreet S Puri **************************** Keep Smiling, Peace :) **************************** (Please Rate Helpful Post)

There might be some remaining config that is messing things up.  Have you made sure that all of the old NAT config is removed?

could you please post a full running config of your ASA (sanitised)?

--

Please remember to select a correct answer and rate helpful posts

 

--
Please remember to select a correct answer and rate helpful posts

Hi Gurpreet,

 

Have you tried clear xlate <global> <IP Address> or something like this which is specific to that public IP address????

Also you can try to break the connection which is trying to hit with the old public IP and then try for xlate.

This can be a bug or some services would have got hung.....

Regards

Karthik

Yes nKarthikeyan,

 

I have tried clearing the global xlate as well... but it didn't work out !!!

 

May be you are right, there is some kind of bug in the services or the in the version 8.6 of ASA.

 

My colleague is suggesting me to erase the flash and reconfigured it... I don't want to go that way until I found the root cause of it.

 

Regards,

Gurpreet

Regards, Gurpreet S Puri **************************** Keep Smiling, Peace :) **************************** (Please Rate Helpful Post)

When you added the new NAT entries did you delete the old ones?

"show run nat" will display the current NAT configuration.

Yes, Marvin...

 

I deleted the old entries and then created the new one.

 

In the 'show run nat' it is not showing me the old entries but in 'sh nat pool' the old entries are visible instead of the new ones...

 

Regards,

Gurpreet

Regards, Gurpreet S Puri **************************** Keep Smiling, Peace :) **************************** (Please Rate Helpful Post)

Does show nat also show the old NAT IPs?

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts

show nat doesn't show the old entires...

 

old entries are visible in nat pool...

Regards, Gurpreet S Puri **************************** Keep Smiling, Peace :) **************************** (Please Rate Helpful Post)
Review Cisco Networking for a $25 gift card