[c-nsp] asa internal hosts limit
Daniel Staněk
dan at orb.cz
Thu Jul 23 03:11:33 EDT 2009
Hello,
we are experiencing a problem with an ASA 5505. There is a limit of 50 internal
hosts due to the licence, and the limit is always reached a short time
after reboot even if the number of internal hosts is below approx. 10.
The "sh local" output is:
    Detected interface 'outside' as the Internet interface. Host limit applies to all other interfaces.
    Current host count: 50, towards licensed host limit of: 50
and in the local hosts list we see records like:
    local host: <213.149.x.x>,
        TCP flow count/limit = 1/unlimited
        TCP embryonic count to host = 0
        TCP intercept watermark = unlimited
        UDP flow count/limit = 0/unlimited
      Conn:
        TCP out 213.149.x.x:443 in 10.x.x.x:4267 idle 0:00:00 bytes 360 flags UIO
So there is a public host 213.149.x.x marked as a local host even though it exists
outside of the network (therefore the local host limit is reached very
fast, as there are enough sessions). Communication for this session is
enabled by ACL and dynamically translated to the pool of outside addresses.
    global (outside) 1 x.x.x.x
    nat (inside) 1 access-list server_nat
    access-list server_nat extended permit ip host 10.x.x.x any
SW version is:
    Cisco Adaptive Security Appliance Software Version 8.0(3)6
Does anybody know where the problem may be?
Daniel