How can we monitor the Network Address Translation settings for a Cisco 1600?
There are two basic NAT monitoring commands in Cisco IOS 11.2 and up: "show ip nat statistical" and "show ip nat translations." NAT lets you connect entire networks to the Internet through one publicly registered IP address for the Internet connection using private IP addresses defined in RFC 1918 for your private network computers. A NAT device like the Cisco 1600 is connected to both networks to manage connections across the network boundary.
The Cisco IOS command "show ip nat translations" displays the inside and outside network configuration parameters. The command "ip nat inside source static [inside ip] [outside ip]" configures an inside IP address to bind to an outside (public) IP address permanently. To establish a pool of public IP addresses for use by systems on your private network, use the command "ip nat pool [pool name] [start outside IP Address] [finish outside IP Address] netmask [network mask]" to configure the NAT pool, then "access-list [unique acl number] permit [inside ip network address] [inside ip network mask]" or similar access list definition statements. Then type "ip nat inside source list [unique acl number] pool [pool name]" to correlate the access control list with the NAT pool. "Show ip nat statistical" will display usage statistics.
This story, "Monitoring NAT settings on a Cisco 1600 " was originally published by Network World.