Cannot clear xlate entry

dawsonpa
Level 1

I removed a static nat entry. I cleared the xlate table - within seconds the static translation for the entry I had just removed was back.

The firewall did not remove the entry from the translation table

Despite the fact that there is a command 'clear xlate' to clear the translation table, the NAT entry would only disappear for a couple of seconds and then reappear. It was a system fault with the PIX.

I tried a specific 'clear xlate <IP>' and then a global 'clear xlate' and neither worked.

This inherent fault is proven by the fact that, when rebooting the firewall, the problem disappeared and the translation remained 'gone'. As I'm sure you'll agree, it should not be necessary to reboot the firewall to get rid of an xlate entry.

Any advice or suggestions?

The pix version is 6.3.1

Thanks for your help

Accepted Solution

l.mourits
Level 5

Hi,

this is a known bug within 6.3.1 (bug-ID CSCea84806)

See the following link:

http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCea84806&cco_product=PIX+Firewall&fset=&swver=6.3&keyw=&target=1&train=

Saving config and rebooting is the workaround for this bug. The problem has been resolved within 6.3.2

Kind Regards,

Leo

5 Replies

jmia
Level 7

Hi -

I'm sure you did this, but did you do clear xlate after clearing the specific entry and then save to memory with: write memory?

No - I did this:

no static blah blah blah

sh xlate

clear xlate blah blah

clear xlate

wr mem

reload

<< ONCE REBOOTED ... GONE>>

Do you think I should have done a write mem and then checked the x-late table?

Why would it make a difference?

Try what you suggested, i.e. write memory and then clear xlate, and see what happens.

Thank you.