cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


263
Views
10
Helpful
4
Replies
Highlighted
Beginner

NAT cleanup (ASA)

Hello Everyone,

 

I am currently in process to clean up the unused NAT rules.

How I can be sure the rules is not used?? 

 

Thx

Everyone's tags (5)
4 REPLIES 4
VIP Advisor RJI VIP Advisor
VIP Advisor

Re: NAT cleanup (ASA)

Hi,
If you use the command "show nat" this will indicate the translated/un-translated hits. If there are no matches, then possibly the nat rule is not in use or no hits since the ASA was last rebooted.

HTH
Beginner

Re: NAT cleanup (ASA)

Thank you for your reply.

 

But do I need to check the output of these two command "show xlate", "show access-list" to make sure this is not used ? or "show nat" and check the translated/un-translated hits is enough?

VIP Advisor RJI VIP Advisor
VIP Advisor

Re: NAT cleanup (ASA)

You should probably be ok relying on checking the translated/un-translated hits.

Checking the xlate would indicate what nat rule was used, not what nat rule wasn't used.
Beginner

Re: NAT cleanup (ASA)

Thanks man.