Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1952
Views
0
Helpful
5
Replies

Normal number of nat translations?

byron
Level 1
Level 1

‎06-02-2005 06:53 PM - edited ‎03-03-2019 09:44 AM

28xx cisco router with 500 users behind it what normal number of nat translations?

I have 18 vlans. One vlan has 10000 nat translations with the others at 10-300. Damn virus.

Labels:
0 Helpful
5 Replies 5

Georg Pauwen
VIP
VIP

‎06-02-2005 09:59 PM

Hello,

10000 NAT translations seems high indeed. You could try to rate limit your translations, check the document below for details.

How do you have your NAT implemented (e.g. PAT) ?

Rate Limiting NAT Translation

http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d09f0.html#1048300

Regards,

GP

0 Helpful

byron
Level 1
Level 1
In response to Georg Pauwen

‎06-02-2005 10:12 PM

yes pat

I went with

ip nat translation timeout 600

ip nat translation tcp-timeout 600

ip nat translation udp-timeout 600

I can't login to that webpage by the way.

0 Helpful

i.santos
Level 1
Level 1
In response to byron

‎06-03-2005 01:27 AM

router(config)#ip nat translation max-entries ?

<1-2147483647> Number of entries

all-vrf Specify maximum number of NAT entries for each vrf

vrf Specify per-VRF NAT entry limit

router(config)#ip nat translation max-entries

0 Helpful

Kevin Dorrell
Level 10
Level 10
In response to byron

‎06-03-2005 01:49 AM

Try the URL without the "partner/":

http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d09f0.html#1048300

Most of CCO is available to the public, but unfortunately if we access the page using a logged-in window, then the resulting URLs are restricted to registered users. But most of them are available to the public, just by removing the "partner/" or "customer/" part of the URL.

Kevin Dorrell

Luxembourg

0 Helpful

Tsasbrink
Level 1
Level 1

‎06-03-2005 01:51 AM

wouldn,t it be better investigating the cause instead of the results ?

You most certainly must be able to point out the cause by just having a look at these translations with "show ip nat translation"

Otherwise cache flow can tell you a lot more about the problem.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card