[c-nsp] NAT translation rate limit issue
gregory williamson
greg5171 at yahoo.com
Fri Nov 19 06:20:19 EST 2010
Hi
I could use some assitance. We are trying to limit simaltaneous connections by users and 10000 for everything else. This is to prevent users from using certain programs like bit torrent, etc. When we add the following command to the router the NAT translation table fills and crashes and reloads. The 200 connections command we use does not seem to be doing what we hoped. Does the 200 rate limit count per user or for all users based on the commands we used? What is the best way to fix it.
Thanks for any assistance.
Greg
The following lines were added to the config of our 2811:
ip nat trans max-entries list 20 200 -limits users to 200 NAT Translations
(ACL 20 selects all 192.168.#.# except 192.168.10.#)
ip nat trans max-entries host 192.168.10.13 10000 -allows 10000 NAT Translations
ip nat trans max-entries host 192.168.10.14 10000
ip nat trans max-entries host 192.168.10.15 10000
ip nat trans max-entries host 192.168.10.22 10000
More information about the cisco-nsp
mailing list