Here you go

NetgearFW# sh run timeout
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
NetgearFW#

Here's what Cisco says about that error message:

This is a connection-related message. This message is displayed if the adaptive security appliance has no more address translation slots available.

You should check the size of the global pool compared to the number of inside network clients.

A PAT address may be necessary. Alternatively, shorten the timeout interval of translates and connections.

This error message could also be caused by insufficient memory; reduce the amount of memory usage, or purchase additional memory, if possible.

However, you said there are only two hosts simultaneosuly behind the ASA?

I would think that either there's not enough memory on the box (8.4 require more memory than older versions)

You might want to adjust the XLATE and CONN timers to 10 and 5 minutes respectively just to test but we need to check other things.. can you attach a show ver please?

Federico.

Box currrently has 512mb, I have purchased  a 1Gig stick but. But ASA will not boot with Gig stick. I noticed that  the browsing performance is also sluggish. I will test after with  adjusting CONN & XLATE.

8.4 should run fine with 512MB on ASA 5505

The amount of translations or connections are not a lot and PAT is definitely not being exhausted.... so... I would think a bug?

Just to check on your license, is it a 10-user, 50-user or unlimited?

Federico.

NetgearFW# sh ver

Cisco Adaptive Security Appliance Software Version 8.4(1)

Device Manager Version 6.4(1)

Compiled on Mon 31-Jan-11 02:11 by builders

System image file is "disk0:/asa841-k8.bin"

Config file at boot was "startup-config"

NetgearFW up 2 days 18 hours

Hardware:   ASA5505, 512 MB RAM, CPU Geode 500 MHz

Internal ATA Compact Flash, 128MB

BIOS Flash M50FW080 @ 0xfff00000, 1024KB

Encryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)

                             Boot microcode        : CN1000-MC-BOOT-2.00

                             SSL/IKE microcode     : CNLite-MC-SSLm-PLUS-2.03

                             IPSec microcode       : CNlite-MC-IPSECm-MAIN-2.06

                             Number of accelerators: 1

0: Int: Internal-Data0/0    : address is 0019.0710.17ef, irq 11

1: Ext: Ethernet0/0         : address is 0019.0710.17e7, irq 255

2: Ext: Ethernet0/1         : address is 0019.0710.17e8, irq 255

3: Ext: Ethernet0/2         : address is 0019.0710.17e9, irq 255

4: Ext: Ethernet0/3         : address is 0019.0710.17ea, irq 255

5: Ext: Ethernet0/4         : address is 0019.0710.17eb, irq 255

6: Ext: Ethernet0/5         : address is 0019.0710.17ec, irq 255

7: Ext: Ethernet0/6         : address is 0019.0710.17ed, irq 255

8: Ext: Ethernet0/7         : address is 0019.0710.17ee, irq 255

9: Int: Internal-Data0/1    : address is 0000.0003.0002, irq 255

10: Int: Not used            : irq 255

11: Int: Not used            : irq 255

Licensed features for this platform:

Maximum Physical Interfaces       : 8              perpetual

VLANs                                       : 20             DMZ Unrestricted

Dual ISPs                                   : Enabled        perpetual

VLAN Trunk Ports                       : 8              perpetual

Inside Hosts                               : Unlimited      perpetual

Failover                                      : Active/Standby perpetual

VPN-DES                                   : Enabled        perpetual

VPN-3DES-AES                         : Enabled        perpetual

AnyConnect Premium Peers        : 2              perpetual

AnyConnect Essentials               : Disabled       perpetual

Other VPN Peers                        : 25             perpetual

Total VPN Peers                         : 25             perpetual

Shared License                           : Disabled       perpetual

AnyConnect for Mobile                : Disabled       perpetual

AnyConnect for Cisco VPN Phone    : Disabled       perpetual

Advanced Endpoint Assessment      : Disabled       perpetual

UC Phone Proxy Sessions           : 2              perpetual

Total UC Proxy Sessions             : 2              perpetual

Botnet Traffic Filter                      : Disabled       perpetual

Intercompany Media Engine         : Disabled       perpetual

This platform has an ASA 5505 Security Plus license.

Serial Number: JMX10000000

Running Permanent Activation Key: 0xb2031100 0x0039eb00 0xe8617900 0x877cd400 0x850ff00

Configuration register is 0x1

Configuration last modified by adm!n at 21:33:14.304 CST Thu Feb 24 2011

NetgearFW#

downgrade is always a good troubleshooting step. I am glad that it is working fine now. That could be caused by a software bug.

Please mark this as answered if possible.

Hi guys,

We had. exactly, the same problem. There is a BUG reported (CSCum51086):

https://tools.cisco.com/bugsearch/bug/CSCum51086/?referring_site=bugquickviewredir

Regards

Cristián

this worked for me....