12-12-2005 10:42 AM - edited 03-09-2019 01:19 PM
Hello,
When I create a static nat rule, it does not show as a translation when I enter the command 'sh xlate'?
I'm troubleshooting an issue and I just want to make sure if this is part of the cause or not. Do all static NATs show as a translation?
Thanks,
Lee
12-12-2005 05:22 PM
It does in some versions and not others. It does in v7.0:
Pod5-ASA(config)# static (inside,outside) 1.1.1.1 10.1.1.1
Pod5-ASA(config)# sho xlate
1 in use, 1 most used
Global 1.1.1.1 Local 10.1.1.1
Pod5-ASA(config)# static (inside,outside) 1.1.1.2 10.1.1.2
Pod5-ASA(config)# static (inside,outside) 1.1.1.3 10.1.1.3
Pod5-ASA(config)# sho xlate
3 in use, 3 most used
Global 1.1.1.1 Local 10.1.1.1
Global 1.1.1.2 Local 10.1.1.2
Global 1.1.1.3 Local 10.1.1.3
but doesn't in v6.x:
SV2-3(config)# static (inside,outside) 1.1.1.1 10.1.1.1
SV2-3(config)# static (inside,outside) 1.1.1.2 10.1.1.2
SV2-3(config)# static (inside,outside) 1.1.1.3 10.1.1.3
SV2-3(config)#
SV2-3(config)# sho xlate
0 in use, 0 most used
12-19-2005 11:45 AM
I wonder also, if you have to do a 'clear xlate' and traffic needs to flow first below a entry can exist? I think I came across this before and that was the case.
12-22-2005 08:25 PM
Hi,
This can happen when packets are not hitting the translated IP. In PIX translation will happen only when packets hit the IP. For example if the public IP is 1.2.3.4 and your inside IP is 2.2.2.2 .
Try sending packets to the IP 1.2.3.4 and you can see the translate happening (provided you have a valid host and xlate commands are proper :)
A simplest way of testing is to ping the Public IP ie. 1.2.3.4 and see the logs and the sh xlate commands.
I have faced the same situation and got it fixed by doing so.
Hope this helps you.
Anantha
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide