Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT and 7.1(2)

I am trying to make translation from inside to outside on a ASA 5520 box with 7.1 (2) context based software

Trust me, the findings are really weird

Translation happens because the connectivity gets through and the other end as well is able to view the translated IP address for all the three type of configurations


Dynamic and

policy based using acl

The issue is in the show local command output; the inside and outside IP addresses and not displayed. It works when nat (inside) id <host> is configured; but does not happen for static NAT and policy based NAT

Global (outside) 10 netmask

Nat (inside) 10

Show local


PAT Global Local


TCP out in idle 0:00:22 bytes 8827 flags UIO


Static (inside,outside) netmask

Show local


TCP out in idle 0:00:22 bytes 8827 flags UIO


Nat (inside) 10 access-list test

Access-list test permit ip host host

Show local


TCP out in idle 0:00:22 bytes 8827 flags UIO

Can anyone let me know why I am not able to view the translation happening for static NAT or policy based NAT. In coming future this would get very difficult to troubleshoot on identifying where the problem is, so pl. suggest.


Re: NAT and 7.1(2)

did you clear xlate table?

actually try clearing that particular local host.


asa#clear local-host

then initiate outbound traffic from that host and do "show local-host" again to see its actual static NAT translation.

see if that makes any difference.



New Member

Re: NAT and 7.1(2)

Yes i have clear the translation table but still cannot view the output of the show local command.


Re: NAT and 7.1(2)

You are using same global ip address for static NAT , Policy NAT and dynamic NAT.

Try using different Global ip addresses for each of the translations.Then it will show the output.



Pls rate helpful posts

New Member

Re: NAT and 7.1(2)

No, i do not use same global IP address simultaneously. its like first i only make a static nat, then remove static NAT and configure policy based NAT.

But when i configure PAT like nat (inside) , i am able to see the output in the show local command.

CreatePlease login to create content