Setting Connection Limits In The Nat Configuration; Using Dynamic Nat And Pat - Cisco Catalyst 6500 Series Configuration Manual

Catalyst 6500 series switch and cisco 7600 series router firewall services

Setting Connection Limits in the NAT Configuration

The NAT configuration lets you set some options for traffic that cannot be set anywhere else, including the following:

• Setting the maximum connections—The maximum number of simultaneous TCP and/or UDP connections for the entire subnet up to 65,536.
• Setting the maximum embryonic connections—The maximum number of embryonic connections per host up to 65,536. An embryonic connection is a connection request that has not finished the necessary handshake between source and destination. This limit enables the TCP intercept feature. (See the "Other Protection Features" section on page 1-6 for more information.)
• Disabling TCP sequence number randomization—Only use this option if another in-line firewall is also randomizing sequence numbers and the result is scrambling the data.

When you do not want to use NAT, such as for a transparent firewall or same security interfaces, you can set these options in an identity NAT statement or a NAT exemption statement.

Using Dynamic NAT and PAT

This section includes the following topics:

• Dynamic NAT and PAT Implementation, page 9-17
• Configuring NAT or PAT, page 9-23

Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide, Chapter 9, Configuring Network Address Translation, page 9-16, OL-6392-01
