https://community.cisco.com/t5/network-security/view-external-ips-accessing-nat/m-p/4609287#M1090014 <P>Hello,&nbsp;</P><P>The&nbsp;<SPAN>show xlate | inc and the show local-host both work thank you.&nbsp; One more thing I'll ask and maybe there isn't a way to do this, how do I get a days worth of these logs?&nbsp; It looks like it shows the currently connected connections but once those connections are done it goes away and no longer shows.&nbsp; I am assuming I will need to setup some kind of syslog server to track this somehow?</SPAN></P><P>&nbsp;</P><P><SPAN>Thanks again for the help.&nbsp;</SPAN></P> Thu, 12 May 2022 18:41:38 GMT mcliff 2022-05-12T18:41:38Z https://community.cisco.com/t5/network-security/view-external-ips-accessing-nat/m-p/4609165#M1090000 <P>Hello,</P><P>&nbsp;</P><P>How can I view what the external IP's are that are accessing a NAT on ASA 5515?&nbsp; In the ASDM I've gone to the Access Rules tab and selected the one I want and I've picked show log but the window it opens doesn't show me anything.&nbsp; Any help would be appreciated, thanks.&nbsp;</P> Thu, 12 May 2022 15:53:46 GMT https://community.cisco.com/t5/network-security/view-external-ips-accessing-nat/m-p/4609165#M1090000 mcliff 2022-05-12T15:53:46Z https://community.cisco.com/t5/network-security/view-external-ips-accessing-nat/m-p/4609177#M1090002 <P>Hi</P><P>&nbsp;You can use command line for that: "show xlate". CLI on this case is easier to see.</P><P>You can also use the packetTracert</P> Thu, 12 May 2022 16:09:12 GMT https://community.cisco.com/t5/network-security/view-external-ips-accessing-nat/m-p/4609177#M1090002 Flavio Miranda 2022-05-12T16:09:12Z https://community.cisco.com/t5/network-security/view-external-ips-accessing-nat/m-p/4609201#M1090005 <P>Hi Flavio,</P><P>&nbsp;</P><P>When I issue the show xlate command it looks the same to me as viewing the log in the ASDM, it just shows all of our internal ips going to our public ip.&nbsp; Is there a way to only view external users ip's that are accessing the one internal ip that is being NAT'ed though?</P><P>&nbsp;</P><P>The packet tracer seems to just show you what would happen if an external ip tried to access the NAT'ed IP, if it would be allowed or denied based on the rules?</P><P>&nbsp;</P><P>Please let me know if I am doing this wrong as I am sure I am.&nbsp;</P> Thu, 12 May 2022 16:38:53 GMT https://community.cisco.com/t5/network-security/view-external-ips-accessing-nat/m-p/4609201#M1090005 mcliff 2022-05-12T16:38:53Z https://community.cisco.com/t5/network-security/view-external-ips-accessing-nat/m-p/4609215#M1090007 <P>May be you can try : (not sure below help please let me know if that suites)</P> <P>&nbsp;</P> <P># show xlate | inc XXXXX&nbsp; (the Internal IP here)</P> <P>or</P> <P>#show xlate local x.x.x.x</P> <P># sh nat detail | include x.x.x.x</P> Thu, 12 May 2022 16:54:52 GMT https://community.cisco.com/t5/network-security/view-external-ips-accessing-nat/m-p/4609215#M1090007 balaji.bandi 2022-05-12T16:54:52Z https://community.cisco.com/t5/network-security/view-external-ips-accessing-nat/m-p/4609226#M1090009 <P>Use keyword <STRONG>detail&nbsp;</STRONG>with packet-tracer give you all nat use by this traffic.</P> Thu, 12 May 2022 17:05:24 GMT https://community.cisco.com/t5/network-security/view-external-ips-accessing-nat/m-p/4609226#M1090009 MHM Cisco World 2022-05-12T17:05:24Z https://community.cisco.com/t5/network-security/view-external-ips-accessing-nat/m-p/4609243#M1090011 <P><a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/1353282">@mcliff</a> use the command <STRONG>show local-host &lt;private ip address&gt;</STRONG></P> <P>&nbsp;</P> <P>Example below determines there are 2 connections and lists the source public (external) IP addresses connecting to that server.</P> <P>&nbsp;</P> <P><STRONG><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="show localhost.PNG" style="width: 794px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/151119i62A96D5389D1B780/image-size/large?v=v2&amp;px=999" role="button" title="show localhost.PNG" alt="show localhost.PNG" /></span></STRONG></P> Thu, 12 May 2022 17:31:24 GMT https://community.cisco.com/t5/network-security/view-external-ips-accessing-nat/m-p/4609243#M1090011 Rob Ingram 2022-05-12T17:31:24Z https://community.cisco.com/t5/network-security/view-external-ips-accessing-nat/m-p/4609287#M1090014 <P>Hello,&nbsp;</P><P>The&nbsp;<SPAN>show xlate | inc and the show local-host both work thank you.&nbsp; One more thing I'll ask and maybe there isn't a way to do this, how do I get a days worth of these logs?&nbsp; It looks like it shows the currently connected connections but once those connections are done it goes away and no longer shows.&nbsp; I am assuming I will need to setup some kind of syslog server to track this somehow?</SPAN></P><P>&nbsp;</P><P><SPAN>Thanks again for the help.&nbsp;</SPAN></P> Thu, 12 May 2022 18:41:38 GMT https://community.cisco.com/t5/network-security/view-external-ips-accessing-nat/m-p/4609287#M1090014 mcliff 2022-05-12T18:41:38Z https://community.cisco.com/t5/network-security/view-external-ips-accessing-nat/m-p/4609293#M1090015 <P>If you can config log with nat use by this host&nbsp;</P><P>This make nat log when new entry add to xlate.</P> Thu, 12 May 2022 18:45:21 GMT https://community.cisco.com/t5/network-security/view-external-ips-accessing-nat/m-p/4609293#M1090015 MHM Cisco World 2022-05-12T18:45:21Z https://community.cisco.com/t5/network-security/view-external-ips-accessing-nat/m-p/4609413#M1090022 <P>yes, that is the best approach if you looking for archive data,&nbsp;</P> Thu, 12 May 2022 22:11:53 GMT https://community.cisco.com/t5/network-security/view-external-ips-accessing-nat/m-p/4609413#M1090022 balaji.bandi 2022-05-12T22:11:53Z