Xlate per-session permit udp any6 any6 eq domain Xlate per-session permit udp any6 any4 eq domain Xlate per-session permit udp any4 any6 eq domain Xlate per-session permit udp any4 any4 eq domain The default commands that enable this behavior can be seen in the configuration with the show run all xlate command: ASA# show run all xlate This behavior differs from software versions earlier than 9.0(1) in which the dynamic xlate would stay in the table for an additional 30-second timeout period after the connection was torn down. In ASA version 9.0(1) and later, the PAT xlate that the connection utilized is immediately deleted from the xlate table by default when any TCP or UDP-based DNS connection is closed. Here is an example: ASA# show conn address 10.107.84.210 The 'x' flag indicates that the connection uses a 'per-session' PAT xlate. What is the 'x' connection flag in the show xlate output in ASA version 9.0(1) and later?Ī. Refer to Cisco Technical Tips Conventions for more information on document conventions. This document describes the 'x' connection flag that appears in the output of the show xlate command in ASA version 9.0(1) and later.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |