Solved: Re: how to view the nat ID for a device in FMC

jessica jestol · ‎09-14-2019

How do you find the NAT id for a device in FMC? I had a module become corrupted. I recovered it. Now I need to reconfigure the network so I need the NAT id.

Rob Ingram · ‎09-14-2019

Hi,

To confirm the NAT ID, from the CLI type expert to login to expert mode and enter the command sudo tail -f /etc/sf/sftunnel.conf

HTH

View solution in original post

Rob Ingram · ‎09-14-2019

Hi,

To confirm the NAT ID, from the CLI type expert to login to expert mode and enter the command sudo tail -f /etc/sf/sftunnel.conf

HTH

Marvin Rhoads · ‎09-14-2019

That will work although you don't have to sudo to run the command.

Also, "tail -f" will only show the last 10 lines and watch for new output. The peer info of interest may be more than 10 lines up from the end of the file.

I'd suggest simply "cat /etc/sf/sftunnel.conf".

jessica jestol · ‎09-17-2019

I'm looking at sftunnel.conf and I'm not seeing anything like the NAT ID. What should I be looking for?

Rob Ingram · ‎09-18-2019

Hi,

The "uuid" value is the nat ID. E.g:-

admin@FTD-1:~$ tail -f /etc/sf/sftunnel.conf
role 1;
host 192.168.10.42;
ip 192.168.10.42;
reg_key Cisco1234;
uuid ~THISISTHENATID;

HTH

jessica jestol · ‎09-18-2019

my UUID is the same as the regkey. Info scrubbed for security.

 10.0.0.10
    {
        role 2;
        reg_key 01754548-9a82-14g7-a323-ab9bfb85r738;
        ip 10.0.0.10;
        host 10.0.0.10;
        sw_version 6.2.3.4;
        upgrade_version ;
        uuid 01754548-9a82-14g7-a323-ab9bfb85r738;
        priority 0;
    }

Marvin Rhoads · ‎09-18-2019

Also, NAT ID is optional so there might indeed be none in your setup.

jessica jestol · ‎09-18-2019

My FMC is in a datacenter that only has vpn access to another datacenter so I have a u-turn NAT to get to the sensors. The FMC/sensors can't connect unless I use the NAT ID.