https://live.paloaltonetworks.com/t5/general-topics/nat-leak-issue/m-p/573810#M115361 <P>How many concurrent sessions you have?</P> <P>&nbsp;</P> <P>show session all filter count yes</P> <P>&nbsp;</P> <P>How is status of <SPAN>NAT IP pool cache?</SPAN></P> <P>&nbsp;</P> <P>show running ippool</P> <P>show running global-ippool</P> <P>&nbsp;</P> <P><A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CliQCAS" target="_blank" rel="noopener">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CliQCAS</A></P> Sun, 21 Jan 2024 13:57:22 GMT Raido_Rattameister 2024-01-21T13:57:22Z https://live.paloaltonetworks.com/t5/general-topics/nat-leak-issue/m-p/573788#M115353 <P>Hi All,</P> <P>Been troubleshooting an issue with viewing live streams from cameras from one specific location.&nbsp; We've had the system in place for awhile and it was working fine until recently.&nbsp; Any time we try to establish a connection over tcp 960, it was failing.&nbsp; I noticed in packet capture that the firewall was not performing NAT for that traffic.&nbsp; I ran command "debug dataplane nat sync-ippool rule &lt;rule name&gt;" and now its working fine (at least temporarily).</P> <P>&nbsp;</P> <P>While troubleshooting, we re-routed this traffic to another location that was working fine.&nbsp; However, now when I view the NAT table on that firewall, I see "NAT pool is leaking!!!".&nbsp; &nbsp;It appears this location is now going to have an issue.</P> <P>&nbsp;</P> <P>Running pan-os 10.1.11.&nbsp; Seems we are running into a bug, but didn't see this listed in known issues.</P> <P>&nbsp;</P> <P>Any advice would be appreciated</P> <P>&nbsp;</P> <P>&nbsp;</P> Sat, 20 Jan 2024 16:37:15 GMT https://live.paloaltonetworks.com/t5/general-topics/nat-leak-issue/m-p/573788#M115353 securehops 2024-01-20T16:37:15Z https://live.paloaltonetworks.com/t5/general-topics/nat-leak-issue/m-p/573810#M115361 <P>How many concurrent sessions you have?</P> <P>&nbsp;</P> <P>show session all filter count yes</P> <P>&nbsp;</P> <P>How is status of <SPAN>NAT IP pool cache?</SPAN></P> <P>&nbsp;</P> <P>show running ippool</P> <P>show running global-ippool</P> <P>&nbsp;</P> <P><A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CliQCAS" target="_blank" rel="noopener">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CliQCAS</A></P> Sun, 21 Jan 2024 13:57:22 GMT https://live.paloaltonetworks.com/t5/general-topics/nat-leak-issue/m-p/573810#M115361 Raido_Rattameister 2024-01-21T13:57:22Z https://live.paloaltonetworks.com/t5/general-topics/nat-leak-issue/m-p/573836#M115363 <P>Thanks for the reply.</P> <P>&nbsp;</P> <P>So a few things, for the firewall with the initial issue, I don't recall the exact sessions/nat pool stats but they were both low.&nbsp; After we routed traffic for that destination to one of our other sites,&nbsp; I cleared all sessions to that destination.&nbsp; However, my TCP sessions were still not being established.&nbsp; Only way to resolve was to clear/reclaim the stale NAT buffers.&nbsp; One thing we previously tried was to create a pool of public IPs.&nbsp; This helped but only for a week.&nbsp; &nbsp;</P> <P>&nbsp;</P> <P>On the firewall where the traffic was rerouted to, where it was showing NAT Pool is Leaking,&nbsp; it was using around 2200 out of&nbsp;126798</P> <P>&nbsp;</P> <P>Based on the timing when this issue started, it appears to be related to the upgrade from 9.1 to 10.1</P> Sun, 21 Jan 2024 17:48:55 GMT https://live.paloaltonetworks.com/t5/general-topics/nat-leak-issue/m-p/573836#M115363 securehops 2024-01-21T17:48:55Z https://live.paloaltonetworks.com/t5/general-topics/nat-leak-issue/m-p/577025#M115813 <P>Any update?</P> Mon, 12 Feb 2024 13:39:19 GMT https://live.paloaltonetworks.com/t5/general-topics/nat-leak-issue/m-p/577025#M115813 CareyWest 2024-02-12T13:39:19Z https://live.paloaltonetworks.com/t5/general-topics/nat-leak-issue/m-p/581352#M116360 <P>not yet.&nbsp; Seems like maybe it is fixed in 10.1.13, but I can't say for sure yet.&nbsp; &nbsp;</P> Fri, 22 Mar 2024 14:21:27 GMT https://live.paloaltonetworks.com/t5/general-topics/nat-leak-issue/m-p/581352#M116360 securehops 2024-03-22T14:21:27Z