[c-nsp] 2821 NAT Limitations
Lee Riemer
lriemer at bestline.net
Wed Oct 13 17:46:23 EDT 2010
The ASA platform is designed for this, whereas I don't see NAT as
being the primary function of a 2811.
> we do upwards of 75,000 NAT sessions on an asa-5550 with no problems;
> bad thing here for you is that you'll also need a router platform to
> do the route maps
>
> not sure if you can split the functions, but if so then this might
> work for you.
>
> --
> Regards,
> Ge Moua
> Network Design Engineer
>
> University of Minnesota | OIT - NTS
> --
>
>
> On 10/13/10 4:11 PM, Dan Letkeman wrote:
>> Hi,
>>
>> Wondering if anyone has some experience with the NAT limitations on a
>> 2821 router? I have about 1500 users, which about half of them are on
>> the internet at one time, but we have a proxy web filter appliance
>> that all of the clients connect to that does a website lookup, and
>> check before it lets the client access the page, so it creates a
>> separate entry for every page requested. This doubles the NAT entries
>> in the router.
>>
>> Would 40,000 - 60,000 NAT translation entries be too much for a 2821?
>> It's not doing much else except NAT and a couple of route-maps.
>>
>> If so would device would be recommended that could handle this amount
>> of translations?
>>
>> Thanks,
>> Dan.
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
--
Lee Riemer
Director of Technical Operations
Bestline Communications, L.P.
Voice: 1+512.328.9095
Fax: 1+512.328.0038
More information about the cisco-nsp
mailing list