cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1036
Views
10
Helpful
3
Replies

Pix-515 Stops forwarding PAT Traffic - CLEAR XLAT Fixes

JonWHauer
Level 1
Level 1

I know the PIX-515 has been off support since 2007, but there is, still, one integrated into our network.  At times, it stops forwarding or responding to PAT traffic directed to an internal server on port 80 (www).  Nothing else on the device is impacted and it is fixed by clearing the translation table (Clear XLAT).  Is there a better fix than to constantly clear this table? 

3 Replies 3

Maykol Rojas
Cisco Employee
Cisco Employee

Hi;

Clearly there is an issue with either the connection or the translation. I would run a packet-tracer at the time of the issue and get the logs. We need to narrow it down a bit more.
Let me know


Sent from Cisco Technical Support Android App

Mike

greetings  jon.

i bet the problem is the lack of memory ram for addressing all dinamic translation table on memory, so connection tracking is going corrupt and then nat is stop doing the task.

when you'll do clear xlate, the table goes to null and then could address new connections.

check out how many open connections you had on your PIX before stops working, and then before and after clear xlate check how much ram you had used then compare.

if you'll PIX has less than 128MB, just buy some SDRAM 128MB PC 133Mhz Memories and put them...

that's my idea.

had a great day and rate if this helps you.

had a great day . best regards, and rate if you'll find this post useful

I bet not. A port redirection is a static translation, If you do a show Xlate prior sending traffic, the Xlate is there, no matter what happens. If anything should be failing would be the dynamic translations, not the static ones and this is not the case.

Bet if it was your guess, All dynamic translations should be failing.

Mike

Mike
Review Cisco Networking for a $25 gift card