Cisco: NAT Verifing
Jump to navigation
Jump to search
sumber: https://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/8605-13.html
- How to Rule Out NAT
- Sample Problem: Can Ping One Router But Not Another
- Sample Problem: Outside Network Devices Cannot Communicate with Inside Routers
Troubleshooting Checklists
- Translation Not Installed in the Translation Table
- Correct Translation Entry Isn't Being Used
- NAT Operating Correctly, But There Are still Connectivity Problems
- NAT Translation for Port 80 Does not Work
- %NAT: System busy. Try later
- Large Translation Table Increases the CPU
- % Public ip-address already mapped (Internal ip-address -> Public ip-address)
- No Entries in the ARP table
- Conclusion
- Bad token 0, wanted TOK_NUMBER|TOK_PUNCT
How to Rule Out NAT
When you attempt to determine the cause of an IP connectivity problem, it helps to rule out NAT. Follow these steps to verify that NAT is operating as expected:
- Based on the configuration, clearly define what NAT is supposed to achieve. At this point you may determine that there is a problem with the configuration.
- Verify that correct translations exist in the translation table.
- Use the show and debug commands to verify that the translation is occurring.
- Review in detail what is happening to the packet and verify that routers have the correct routing information to move the packet along.
Sample Problem: Can Ping One Router But Not Another
show ip nat translation clear ip nat statistics show ip nat statistics ping 172.16.11.7 show ip nat statistics show ip route