Follow these steps to verify
that NAT is operating as expected:
Step 1 Based on the con?¬?guration, clearly de?¬?ne what NAT is supposed to achieve. You
may determine that the NAT con?¬?guration has a problem.
Step 2 Use the show ip nat translations command to determine if the correct
translations exist in the translation table.
Step 3 Verify whether the translation is occurring by using show and debug
commands.
Step 4 Review in detail what is happening to the translated packet, and verify
that routers have the correct routing information for the translated
address to move the packet.
If the appropriate translations are not in the translation table, verify the following
items:
??? There are no inbound ACLs that are denying the packet entry into the NAT
router.
??? The ACL that is referenced by the NAT command is permitting all necessary
networks.
??? The NAT pool has enough addresses.
??? The router interfaces are appropriately de?¬?ned as NAT inside or NAT outside.
In a simple network environment, it is useful to monitor NAT statistics with the show ip nat
statistics command. However, in a more complex NAT environment with several
translations taking place, this show command is no longer useful.
Pages:
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396