09-16-2024 01:47 PM - edited 09-16-2024 01:51 PM
Hi Team
We have an issue where we use Dynamic IP pool for outbound NAT but 'show running ippool' does not reflect the accurate NAT xlate pool usage.
For example, we see 9k Available IPs but on checking the global counter we can see the NAT Utilization errors:
show running nat-rule-ippool <rule> also shows the same number stating 9k available IPs.
Why can't we see the actual number of utilized and Free IPs?
Is there a more specific command or way to check this on the firewall?
I see this but not sure if it also applies to Dynamic IP type NAT rule:
Packet drop due to source NAT IP/port allocation failed - Knowledge Base - Palo Alto Networks
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
