cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6072
Views
4
Helpful
5
Replies

Cisco ASA Nat rule - Timeout

jorg.ramakers
Level 1
Level 1

Hi,

We installed a cisco asa 5510 in front of our netwerk with a natrule point to the owa publishing rule of an MS Isa.

Since we placed the asa in front of our network, clients are complaining that the sessions are disconnected after 3 minutes.

Can this timeout finetuned on a cisco asa 5510

Best regards

Jorg

5 Replies 5

Brent Rockburn
Level 2
Level 2

Can you post the config?

busterswt
Level 1
Level 1

Am I right to assume you've configured a dynamic NAT rule? If so, are you using only one IP in the pool? How many clients do you have? There is an xlate timeout that defaults to 3 hours, but perhaps it is different in your config. The line is 'xlate timeout xx:xx:xx' (hours,minutes,seconds). You might try increasing the value to see if it helps. Of course, I could be way off-base here, so take my advice with a grain of salt.

Hi,

Sorry about my incomplete post.

I created a static nat entry.  Is the xlate time-out related to a static nat entry?  In my opinion,only to the dynamic pool as you suggested.

I was thinking more in the direction of tcp time-out, but can't imagine that this is related to this.

The server team told me that the isa time-out was configured to 30 min.

Best regards

Jorg

Thanks for the new info. In my previous comment I was looking at it from an outbound client perspective, thus my question about dynamic nat. In the case of the xlate timeout, it is used for both static and dynamic NAT. I doubt that's the issue here though.

There is a connection timeout setting on the ASA -- timeout conn 1:00:00 -- that defaults to one hour. A connection reset after only 3 minutes seems strange. If you wouldn't mind posting a sanitized config here maybe someone can shed some light on it.

jorg.ramakers
Level 1
Level 1

All,

Thanks for the assistance, issue is solved.  It was a timeout issue on the Mircrosoft ISA

Best Regards

Jorg

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: