Skip to main content
clatcho
clatcho
New Member
October 4, 2018
Question

nat ip pool usage

  • October 4, 2018
  • 1 reply
  • 6217 views

Hello,

 

Assumption & belief :: a single ip address can have a max nat connections of 64,000

FACT :: My FW version is less than 5.6

 

I want to see the current usage for my nat pool below

 

    edit "nat-pool-abc"         set startip 10.10.10.0         set endip 10.10.10.4

 

To date i have tried

 

# diagnose firewall ippool stats Total 0 ippool is allocated. Total 0 client host is online. Total 0 natip is allocated. Total 0 PBA is allocated. Approximate 0 PBA is allocated in 1 second before.

#diag firewall ippool list

NO DATA

 

I thought i could use

 

diagnose sys session filter 10.10.10.1

diagnose sys session list | grep -c 10.10.10.1

 

But the figures i get back are far higher than the max nat port usage of 64,000

 

I find it difficult to believe there is no way to see the usage of my nat ip pool, even if i have to look at each IP address within that pool individually with a diagnose filter.

 

?

    1 reply

    jonathandl
    jonathandl
    New Member
    October 8, 2019

    I know this is an old thread but nevertheless for the benefit of anybody "googling":

    try the diag firewall ippool-all tree; for example,

    diag firewall ippool-all stat

    This works only in 5.6.1 or higher.

    Thanks.

     

    Terms & ConditionsAccessibility statement