01-24-2019 07:53 AM - edited 02-21-2020 08:42 AM
Hello,
Our ISP has given us Netflow access and we can see what the ISP Cisco router is sending and receiving. This is great, but as a source or destination I only see our 'outside' public IP. I understand this is normal, but is there a way I can see what the ASA is translating this to on the inside?
So it will normally show something like:
Source = ASA publicIP destination = website publicIP port= 443
I wondered, if I knew some of the data, whether I can somehow find out what this is on the inside?
Thanks
01-24-2019 08:08 AM
Does "show xlate" help you in this case? I think you could view the real-time PAT translation with this command.
But I am not sure how you could view the historical translation record if you are looking for historical Netflow data.
01-24-2019 08:20 AM
01-24-2019 08:46 AM - edited 01-24-2019 08:50 AM
This is correct; you need to enable NetFlow on the inside network in order to check what IP addresses are sending and receiving data.
Check this link for a configuration guide example of how to set it up:
https://community.cisco.com/t5/security-documents/netflow-on-asa/ta-p/3119176