Tranlsation Pool Exhausted

Posted on 2006-03-26
Medium Priority
Last Modified: 2008-02-01
I have a Watchguard Firebox X50 Wireless with about 20 users accessing the internet and network at any given time.

After a while, my users can no longer connect to the internet and the log shows

NAT Translation Pool Exhausted

I haven't determined a time frame as to how long it takes for this to happen, what exactly is this and how can I stop it from happening?  If I reset the server (Server 2003), it seems to correct the problem for a while...is this the firewall or something in Windows Server 2003?

Question by:Kevin Smith
  • 2
LVL 32

Expert Comment

ID: 16294237
Are you having Server 2003 do the NAT translation? That's what it sounds like. Whatever number of operations you have going seems to fill up the available translation table for addresses and ports.

You might want to take a look at the server settings.
LVL 20

Accepted Solution

calvinetter earned 1000 total points
ID: 16294369
Check your workstations, especially any wireless laptops for any type of malware - sounds like a worm trying to propagate or other malware running rampant.  If possible, take all the wireless users offline, clean them off, then put them back on the network, one at a time.

LVL 32

Expert Comment

ID: 16294434
calvin - good call.

ksmith - do you have any sort of logs of connections involving any of the machines? additionally, what sort of virus/spyware protection do you have on your network?

Author Comment

by:Kevin Smith
ID: 16329031
Not sure what exactly happened, but disabling the wireless seems to eradicated the problem for now.  I'm gonna take calvin's advice and start working with each wireless user (there's not very many) in the office and see where it gets me.


Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
This article will show you step-by-step instructions to build your own NTP CentOS server.  The network diagram shows the best practice to setup the NTP server farm for redundancy.  This article also serves as your NTP server documentation.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question