cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2334
Views
10
Helpful
4
Replies

NAT cleanup (ASA)

MusaadSaad
Level 1
Level 1

Hello Everyone,

 

I am currently in process to clean up the unused NAT rules.

How I can be sure the rules is not used?? 

 

Thx

4 Replies 4

Hi,
If you use the command "show nat" this will indicate the translated/un-translated hits. If there are no matches, then possibly the nat rule is not in use or no hits since the ASA was last rebooted.

HTH

Thank you for your reply.

 

But do I need to check the output of these two command "show xlate", "show access-list" to make sure this is not used ? or "show nat" and check the translated/un-translated hits is enough?

You should probably be ok relying on checking the translated/un-translated hits.

Checking the xlate would indicate what nat rule was used, not what nat rule wasn't used.

Thanks man.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: