Friends,
I am running CGN with NAT44 on an ISM module. The problem I am facing is that whenever we face spamming by a miscreant user in our network, our upstream blocks the public IP pool on which we perform NAT44 translation, resulting in all NAT44 users facing an outage until we change the address-pool.
Is there any way to exclude one IP address from the address-pool, or to define multiple address pools?
Following is my configuration:
service cgn cgn
 service-location preferred-active 0/1/CPU0
 service-type nat44 nat44
  portlimit 512
  alg ActiveFTP
  alg rtsp
  alg pptpAlg
  inside-vrf inside-lan1-inside
   map outside-vrf inside-lan1-outside address-pool 101.53.118.184/24
  !
  protocol tcp
   session active timeout 300
  !
 !
!
end