ACE - debug xlate

Answered Question
May 26th, 2009
User Badges:

Is possible to debug nat transactions on the ACE. I know that the commands show xlate or show nat-fabric exist. But is possible to use some command which is similar like debug ip nat trans like on the Cisco router? Or is other method for real-time debug the ip nat translations on the ACE? Thank you very much. Roman

Correct Answer by Gilles Dufour about 7 years 11 months ago

There is no debug as the nating is done in a micro engine which has very limited functions.


You can however enable "logging fastpath" and send the log messages to a syslog server (mandatory) and you should get an entry for each connection coming in and the associated xlate.


Here is an example:


%ACE-6-302026: Built ICMP connection for faddr 4.20.98.115/39033 gaddr 199.87.8.250/8 laddr 10.129.200.145/0


Gilles.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Gilles Dufour Tue, 05/26/2009 - 23:21
User Badges:
  • Cisco Employee,

There is no debug as the nating is done in a micro engine which has very limited functions.


You can however enable "logging fastpath" and send the log messages to a syslog server (mandatory) and you should get an entry for each connection coming in and the associated xlate.


Here is an example:


%ACE-6-302026: Built ICMP connection for faddr 4.20.98.115/39033 gaddr 199.87.8.250/8 laddr 10.129.200.145/0


Gilles.

Actions

This Discussion