Verifying and Troubleshooting NAT Configurations

The most common mistake in troubleshooting is not the inability to use commands but the laxity in the examination of entries and configuration. Solving network problems requires careful and proper examination of routing entries and configuration.

There are several useful router commands to verify NAT translations. Cisco routers are equipped with NAT verifying tools.

1.  The command: show ip nat translations display the details of NAT assignments; it will enable you to verify that correct translations exist in the translation table.  It’s recommended that you clear any dynamic NAT translation entries that might still be on the router.

2.  To view additional details about each translation us the following command;

              R1#show ip nat translations verbose

This command will display additions information, which includes creation dates and usage of each translation.

 To clear NAT translations use the command:  clear ip nat translation

e.g.   R1#clear ip nat translation

3.      Verify the operations of NAT by checking details about every packet that is translated by the router. To view this information use the:

                R1#debug ip nat  or

               R1#debug ip nat detailed

 

The later command debug ip nat detailed Provide a description of each packet that had been considered for translation. It also displays information on some errors such as failure to assign a global IP address.

4.      The show ip nat statistics command display:

i,     details of all the active translation entries

ii     NAT configuration parameters

iii    number of IP addresses in the pool

iv  total number of assigned IP addresses.

Another useful command for NAT verification is the show run command. With this command, you can view the;

i  access command lists

ii  interfaces and other configurations

The most common mistake in troubleshooting is not the inability to use commands but the laxity in the examination of entries and configuration.