Tuesday, July 31, 2012

How to Verify and Troubleshoot NAT Configurations?


The most common mistake in troubleshooting is not the inability to use commands but the laxity in the examination of entries and configuration. Solving network problems requires careful and proper examination of routing entries and configuration.

There are several useful router commands to verify NAT translations. Cisco routers are equipped with NAT verifying tools.
1. The command: show ipnat translations display the details of NAT assignments; it will enable you to verify that correct translations exist in the translation table.  It’s recommended that you clear any dynamic NAT translation entries that might still be on the router.

2. To view additional details about each translation us the following command;
              R1#show ipnat translation sverbose

This command will display additions information, which includes creation dates and usage of each translation.

To clear NAT translations use the command:  clear ipnat translation
e.g.

R1#clear ipnat translation

3.Verify the operations of NAT by checking details about every packet that is translated by the router. To view this information use the:
                R1#debug ipnat  or
               R1#debug ipnat detailed

The later command debug ipnat detailed Provide a description of each packet that had been considered for translation. It also displays information on some errors such as failure to assign a global IP address.cisco product

4.The show ipnat statistics command display:
Details of all the active translation entries
NAT configuration parameters
Number of IP addresses in the pool
Total number of assigned IP addresses.

Another useful command for NAT verification is the show run command. With this command, you can view the;
Access command lists
Interfaces and other configurations

The most common mistake in troubleshooting is not the inability to use commands but the laxity in the examination of entries and configuration.

No comments:

Post a Comment