• Advertisement

What is the impact of disabling xlate in FWSM

Firewalls, PIX, ASA, VPN, Access Control List, User Authentication, Data Encryption and Best Practices.

What is the impact of disabling xlate in FWSM

Postby Guest » Tue Dec 07, 2010 3:03 pm

Hi All,

 

We have simple setup with 3 to 4 zones in FWSM with simple ip traffic flowing across the zones and no natting is configured also in the FWSM.I would like to know what would be the impact if we disable xlate in global configuration in FWSM and what is the command to do the same.

 

Is there any default count stored for xlate table in FWSM and what happens when we do clear xlate in FWSM.

 

 

Regards

Ganesh.H

Guest
 

Advertisement

Re:What is the impact of disabling xlate in FWSM

Postby Guest » Tue Dec 07, 2010 4:10 pm

ganeshh.iyer wrote:

 

Hi All,

 

We have simple setup with 3 to 4 zones in FWSM with simple ip traffic flowing across the zones and no natting is configured also in the FWSM.I would like to know what would be the impact if we disable xlate in global configuration in FWSM and what is the command to do the same.

 

Is there any default count stored for xlate table in FWSM and what happens when we do clear xlate in FWSM.

 

 

Regards

Ganesh.H

 

Ganesh

 

The xlate table is used for NAT translations. If you are not doing any Natting then there won be any entries in the xlate table. Im not aware of a way to disable xlate on the FWSM but im not sure why you would want or need to do that anyway.

 

Not sure what you mean by default count, do you mean maximum number of allowed xlate entries ?

 

If you clear xlate on the FWSM or ASA then any existing connections that have entries in the xlate table will be torn down so its not usually a thing you want to do during production hours. Note that the clear xlate command has an option to specify which actual xlate entry you want to remove.

 

Jon

Guest
 

Re:What is the impact of disabling xlate in FWSM

Postby Guest » Tue Dec 07, 2010 4:54 pm

If you don need translation, you can configure the "xlate-bypass" feature:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm32/command/reference/uw.html#wp1306953

 

The maximum concurrent xlate in FWSM hardware is 262144

 

Hope that helps.

Guest
 

Re:What is the impact of disabling xlate in FWSM

Postby Guest » Tue Dec 07, 2010 6:02 pm

halijenn wrote:

 

If you don need translation, you can configure the "xlate-bypass" feature:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm32/command/reference/uw.html#wp1306953

 

The maximum concurrent xlate in FWSM hardware is 262144

 

Hope that helps.

 

I stand corrected. Many thanks for that link.

 

Ganesh - apologies for the misleading information, i have learnt something new today.

 

Jon

Guest
 

Re:What is the impact of disabling xlate in FWSM

Postby Guest » Tue Dec 07, 2010 6:13 pm

Jon - we all learn everyday

Guest
 

Next


  • Advertisement


Similar topics

Deleting asdm image from FWSM flash
Forum: Cisco Security
Author: Guest
Replies: 0

RVS4000 disabling IPS kills DNS
Forum: Small Business Routers
Author: Anonymous
Replies: 0

Between FWSM and vlan1 at 6500
Forum: Cisco Security
Author: Anonymous
Replies: 0

Installing FWSM in Cisco VSS configuration
Forum: Cisco Security
Author: Anonymous
Replies: 0

ASDM 6.2(2)F for FWSM - Release Notes?
Forum: Cisco Security
Author: Anonymous
Replies: 0


Return to Cisco Security

Who is online

Users browsing this forum: No registered users and 1 guest