[c-nsp] 2821 NAT Limitations

Ge Moua moua0100 at umn.edu
Wed Oct 13 17:40:21 EDT 2010


  forgot to mention that I'm fairly certain that many NAT sessions that 
you require will overun the 2800 which process switch that function (no 
good).

--
Regards,
Ge Moua
Network Design Engineer

University of Minnesota | OIT - NTS
--


On 10/13/10 4:38 PM, Ge Moua wrote:
>  we do upwards of 75,000 NAT sessions on an asa-5550 with no problems; 
> bad thing here for you is that you'll also need a router platform to 
> do the route maps
>
> not sure if you can split the functions, but if so then this might 
> work for you.
>
> -- 
> Regards,
> Ge Moua
> Network Design Engineer
>
> University of Minnesota | OIT - NTS
> -- 
>
>
> On 10/13/10 4:11 PM, Dan Letkeman wrote:
>> Hi,
>>
>> Wondering if anyone has some experience with the NAT limitations on a
>> 2821 router?  I have about 1500 users, which about half of them are on
>> the internet at one time, but we have a proxy web filter appliance
>> that all of the clients connect to that does a website lookup, and
>> check before it lets the client access the page, so it creates a
>> separate entry for every page requested.  This doubles the NAT entries
>> in the router.
>>
>> Would 40,000 - 60,000 NAT translation entries be too much for a 2821?
>> It's not doing much else except NAT and a couple of route-maps.
>>
>> If so would device would be recommended that could handle this amount
>> of translations?
>>
>> Thanks,
>> Dan.
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list