Suggestion for version 8.3+ "show run nat in-line"

RicheeJJJ_2 · ‎02-15-2011

I would REALLY like to see a command "show run nat in-line" which will display nat statements on one line.

Example:

ASA# show run nat

object network obj-172.16.200.202
nat (INSIDE,OUTSIDE) static interface service tcp www 202

ASA# show run nat in-line

object network obj-172.16.200.202 nat (INSIDE,OUTSIDE) static interface service tcp www 202

Many of my firewalls have huge NAT configurations. There's no way to search for a specific IP or even object to see what the translation is on this table. The only comamnd is "show run nat" then I have to manually look for it. Even if I do the "| include" statement I only get half the translation which doesn't help. With this new command I could now do a "show run nat in-line | include 172.16.200.202" and see exactly what the translation is for that IP or object I'm searching for.

Cisco has already put in a "show run object in-line" statement which displays the object and its contents in one line. So how about it Cisco, why don't you put a "show run nat in-line" command in for us?

mirober2 · ‎02-16-2011

Hi Richee,

You can certainly contact your Cisco account team and ask that an enhancement request be filed for this feature. They would be able to help you file the request and explain your business requirement to the product developers.

Something that may help you in the interim would be to use the '| begin' option. To use your example:

object network obj-172.16.200.202
    nat (INSIDE,OUTSIDE) static interface service tcp www 202

With this config you could do 'show run nat | begin 172.16.200.202'. The first 2 lines that will be returned would be your NAT configuration mentioned above.

Hope that helps.

-Mike