Command:

debug ip nat


Mode:

Router#


Syntax:

debug ip nat [access-list | detailed | h323 | pptp]

no debug ip nat [access-list | detailed | h323 | pptp]

Syntax Description:

access-list

(Optional) The standard IP access list number. If the datagram is not

permitted by the specified access list, the related debugging output is

suppressed.

detailed

(Optional) Displays debug information in a detailed format.

h323

(Optional) Displays H.225/H.245 protocol information.

pptp

(Optional) Displays Point-to-Point Tunneling (PPTP) protocol information.

Command Description:

 

To display information about IP packets translated by the IP Network Address Translation (NAT)

feature, use the debug ip nat privileged EXEC command. To disable debugging output, use the no form

of this command.

 

The NAT feature reduces the need for unique, registered IP addresses. It can also save private network

administrators from needing to renumber hosts and routers that do not conform to global IP addressing.

 

Use the debug ip nat command to verify the operation of the NAT feature by displaying information

about every packet that is translated by the router. The debug ip nat detailed command generates a

description of each packet considered for translation. This command also outputs information about

certain errors or exceptional conditions, such as the failure to allocate a global address. To display

messages related to the processing of H.225 signalling and H.245 messages, use the debug ip nat h323

command.

 

Caution:  Because the debug ip nat command generates a substantial amount of output, use it only when traffic

on the IP network is low, so other activity on the system is not adversely affected.


Example:

The following is sample output from the debug ip nat command. In this example, the first two lines show

the debugging output produced by a Domain Name System (DNS) request and reply. The remaining lines

show the debugging output from a Telnet connection from a host on the inside of the network to a host

on the outside of the network. All Telnet packets, except for the first packet, were translated in the fast

path, as indicated by the asterisk (*).

 

Router# debug ip nat

NAT: s=192.168.1.95->172.31.233.209, d=172.31.2.132 [6825]

NAT: s=172.31.2.132, d=172.31.233.209->192.168.1.95 [21852]

NAT: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6826]

NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23311]

NAT*: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6827]

NAT*: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6828]

NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23313]

NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23325]

 


Misconceptions:

           None.


Related Commands:

            None. 


� Cisco Systems, Inc. 2001, 2002, 2003
World Wide Education

Converted from CHM to HTML with chm2web Pro 2.85 (unicode)