verify nat on asa

Unanswered Question
Nov 24th, 2007

device: asa 5520

how can i verify whether my nat is realy taking place aside from the sh xlate;

static (dmz2,outside) IPoutside IPdmz2

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
JORGE RODRIGUEZ Sat, 11/24/2007 - 22:21

you can do

show local-host IPdmz2


show xlate | inc IPoutside

beside these commands if your nat config is correct connection is another way to determined it is woring.

Rate any helpful post !



cfajardo1_2 Sat, 11/24/2007 - 22:44

but both of this shows translation is there even though theres no actual traffic taking place.

i wanted to know whether translation is realy taking place

cfajardo1_2 Sat, 11/24/2007 - 22:47

even though you do a clear xlate, and you do a sho xlate, it will still sh you the translation

JORGE RODRIGUEZ Sat, 11/24/2007 - 23:12

that means either the local host is receiving traffic from outside or generating-requesting outbound traffic by some app in host.. issue in pix enable mode PIX#clear local-host IPdmz , then do show xlate see if it still has translations.

Pls rate any helpful post


srue Sun, 11/25/2007 - 20:53

the 'show conn' command might help you on this also.


This Discussion