[c-nsp] 2821 NAT Limitations
Ge Moua
moua0100 at umn.edu
Wed Oct 13 17:40:21 EDT 2010
forgot to mention that I'm fairly certain that many NAT sessions that
you require will overun the 2800 which process switch that function (no
good).
--
Regards,
Ge Moua
Network Design Engineer
University of Minnesota | OIT - NTS
--
On 10/13/10 4:38 PM, Ge Moua wrote:
> we do upwards of 75,000 NAT sessions on an asa-5550 with no problems;
> bad thing here for you is that you'll also need a router platform to
> do the route maps
>
> not sure if you can split the functions, but if so then this might
> work for you.
>
> --
> Regards,
> Ge Moua
> Network Design Engineer
>
> University of Minnesota | OIT - NTS
> --
>
>
> On 10/13/10 4:11 PM, Dan Letkeman wrote:
>> Hi,
>>
>> Wondering if anyone has some experience with the NAT limitations on a
>> 2821 router? I have about 1500 users, which about half of them are on
>> the internet at one time, but we have a proxy web filter appliance
>> that all of the clients connect to that does a website lookup, and
>> check before it lets the client access the page, so it creates a
>> separate entry for every page requested. This doubles the NAT entries
>> in the router.
>>
>> Would 40,000 - 60,000 NAT translation entries be too much for a 2821?
>> It's not doing much else except NAT and a couple of route-maps.
>>
>> If so would device would be recommended that could handle this amount
>> of translations?
>>
>> Thanks,
>> Dan.
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list