Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1162
Views
0
Helpful
2
Replies

IOS NAT Hit and order

Go to solution
Delmiro Campelo
Level 1
Level 1

‎05-17-2017 11:15 AM - edited ‎03-05-2019 08:33 AM

Hello support community,

I have been reading several Cisco documents and haven't been able to find answers to these questions regarding NAT in the IOS devices (not the ASAs)

1. Is it possible to view the hit count for a specific NAT statement ? just like you can in the ASA with show nat command?

2. Are the NAT statements processed from top to bottom as listed on device configuration?

I'm not looking for that NAT order of operations, I don't believe it answers questions #2.

Thanks for any help you can provide

Delmiro

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Julio E. Moisa
VIP
VIP

‎05-17-2017 11:44 AM

Hi Delmiro,

You could see the current translations on Routers using:

show ip nat translations

I think the NAT statements are read by match like an ACL. Please check this link:

http://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/6209-5.html

Hope it is useful

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

View solution in original post

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP

‎05-17-2017 11:50 AM

Hello,

to my best knowledge, the only command that show hits and misses is 'show ip nat statistics', but it is not specified by NAT statement. You might be able to pull additional info from the command line with 'snmp get', using the Cisco NAT MIB (linked below).

Second question: the device configuration, that is, how the running config lists the NAT statements, is not relevant. The NAT order of operation is still leading.

CISCO-IETF-NAT-MIB

http://www.oidview.com/mibs/9/CISCO-IETF-NAT-MIB.html

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Julio E. Moisa
VIP
VIP

‎05-17-2017 11:44 AM

Hi Delmiro,

You could see the current translations on Routers using:

show ip nat translations

I think the NAT statements are read by match like an ACL. Please check this link:

http://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/6209-5.html

Hope it is useful

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

Go to solution
Georg Pauwen
VIP
VIP

‎05-17-2017 11:50 AM

Hello,

to my best knowledge, the only command that show hits and misses is 'show ip nat statistics', but it is not specified by NAT statement. You might be able to pull additional info from the command line with 'snmp get', using the Cisco NAT MIB (linked below).

Second question: the device configuration, that is, how the running config lists the NAT statements, is not relevant. The NAT order of operation is still leading.

CISCO-IETF-NAT-MIB

http://www.oidview.com/mibs/9/CISCO-IETF-NAT-MIB.html

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card