Categories
Welcome Center
Education & Development
Cyber Security
Virtualization
General
Certification Preparation
Project Management
Posts
Groups
Training Resources
Infosec
IT & Security Bootcamps
Practice Exams
Security Awareness Training
About Us
Home
General
Off-Topic
Cisco ASR1006 Dynamic NAT timeout
Monkerz
Ran into a issue today with an ASR1006 and hitting the default maximum dynamic NAT limit of 524288. To resolve this quickly on the fly I increased the limit to 750K, however I would like to step this back down to the default.
While investigating I noticed the default NAT timeout for dynamic entries is 24 hours by default. I have many idle NATs when using this timeout. I am toying with the idea of setting the NAT timeout to 8 hours. Can anyone attest to any negative impacts this may have other than after 8 hours a miss being logged and slight delay as a new NAT is created?
A little history; we are moving to a global private IP scheme. We have around 420 24bit networks sitting behind this node, and its redundant neighbor, while we are readdressing.
Find more posts tagged with
Comments
There are no comments yet
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
