Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Pix515E check Nat Translations

Before we had our Pix perform our Nat translations, our Cisco 1720 was performing it. Any time we wanted to see what external IP addresses a client was connecting to we would issue a "show ip nat trans".

I am wondering if a similar command exists for the Pix. I thought "show xlate" would do this but it only shows the internal address being mapped to the public address.

Thanks,

Denny

1 ACCEPTED SOLUTION

Accepted Solutions
Gold

Re: Pix515E check Nat Translations

give "sh conn" a go.

e.g.

TCSNSWSYDP01# sh conn

128 in use, 46518 most used

TCP out xxx.xxx.xxx.212:80 in 192.168.1.230:2567 idle 0:04:45 Bytes 21315 flags UIO

TCP out xxx.xxx.144.xxx:80 in 192.168.1.211:2571 idle 0:04:53 Bytes 1536 flags UIO

TCP out xxx.xxx.xxx.15:3389 in 192.168.1.156:2490 idle 0:05:13 Bytes 18909248 flags UIO

3 REPLIES
New Member

Re: Pix515E check Nat Translations

Show xlate is the command. You most likely see the internal addresses overloading [PAT] the outside interface.

"global (outside) 1 interface"

In the past did you have a NAT pool that gave you one to one ip nat?

New Member

Re: Pix515E check Nat Translations

No, we were using PAT on the 1720 too.

On the 1720 "show ip nat trans" would show the following

our external public address

the internal private address

then the address of the website or remote system being accessed.

On the Pix, "show xlate" only shows

the global address

then the internal address.

I can't see which websites or remotes the internal client is accessing out on the net.

I hope that makes sense.

Thank you,

Denny

Gold

Re: Pix515E check Nat Translations

give "sh conn" a go.

e.g.

TCSNSWSYDP01# sh conn

128 in use, 46518 most used

TCP out xxx.xxx.xxx.212:80 in 192.168.1.230:2567 idle 0:04:45 Bytes 21315 flags UIO

TCP out xxx.xxx.144.xxx:80 in 192.168.1.211:2571 idle 0:04:53 Bytes 1536 flags UIO

TCP out xxx.xxx.xxx.15:3389 in 192.168.1.156:2490 idle 0:05:13 Bytes 18909248 flags UIO

142
Views
0
Helpful
3
Replies
CreatePlease login to create content