Static NAT not showing in xlate

lalcantara · ‎12-12-2005

Hello,

When I create a static nat rule, it does not show as a translation when I enter the command 'sh xlate'?

I'm troubleshooting an issue and I just want to make sure if this is part of the cause or not. Do all static NATs show as a translation?

Thanks,

Lee

gfullage · ‎12-12-2005

It does in some versions and not others. It does in v7.0:

Pod5-ASA(config)# static (inside,outside) 1.1.1.1 10.1.1.1

Pod5-ASA(config)# sho xlate

1 in use, 1 most used

Global 1.1.1.1 Local 10.1.1.1

Pod5-ASA(config)# static (inside,outside) 1.1.1.2 10.1.1.2

Pod5-ASA(config)# static (inside,outside) 1.1.1.3 10.1.1.3

Pod5-ASA(config)# sho xlate

3 in use, 3 most used

Global 1.1.1.1 Local 10.1.1.1

Global 1.1.1.2 Local 10.1.1.2

Global 1.1.1.3 Local 10.1.1.3

but doesn't in v6.x:

SV2-3(config)# static (inside,outside) 1.1.1.1 10.1.1.1

SV2-3(config)# static (inside,outside) 1.1.1.2 10.1.1.2

SV2-3(config)# static (inside,outside) 1.1.1.3 10.1.1.3

SV2-3(config)#

SV2-3(config)# sho xlate

0 in use, 0 most used

valconix · ‎12-19-2005

I wonder also, if you have to do a 'clear xlate' and traffic needs to flow first below a entry can exist? I think I came across this before and that was the case.

trackme · ‎12-22-2005

Hi,

This can happen when packets are not hitting the translated IP. In PIX translation will happen only when packets hit the IP. For example if the public IP is 1.2.3.4 and your inside IP is 2.2.2.2 .

Try sending packets to the IP 1.2.3.4 and you can see the translate happening (provided you have a valid host and xlate commands are proper :)

A simplest way of testing is to ping the Public IP ie. 1.2.3.4 and see the logs and the sh xlate commands.

I have faced the same situation and got it fixed by doing so.

Hope this helps you.

Anantha