Reset Search



KB44837 - Implications of using Single NAT in Pulse Connect Secure (PCS) deployments.

« Go Back


Last Modified Date6/28/2021 4:34 PM
This article describes the demerits of using NAT in PCS deployments.
Problem or Goal
When Load Balancer or a Firewall is configured with Single NAT, all the end user connections reaching PCS would show the same Source IP Address.

End Point Device -> Internet -> DMZ (LB/FW) Single NAT -> PCS

PCS will in turn treat all the incoming connections as coming from the same source and direct all these requests to a Single CPU core. This overloads a single CPU core affecting the performance and sometimes can cause an outage too.
Configure the LB/Firewall to use multiple Source IP Addresses or enable Source IP transparency.
Related Links
Attachment 1 
Created ByRaghu Kumar



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255