Hi,
I enabled the CGNAT feature on ASR1002-X with IOS: asr1002x-universalk9.16.09.05.SPA.
Then I enabled the logging of CGNAT on the Box. The Box sends the log in Netflow format. When I checked the record, I could see the source IP address before and after NAT, but there was no information about the Destination IP address.
According to this link, when we enable CGNAT, the Box does not keep the record of the destination IP address so that it can increase the NAT capacity:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/xe-16-9/nat-xe-16-9-book/iadnat-cgn.html
But according to this link, the Destination IP address is included in the logs:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/xe-16-7/nat-xe-16-7-book/iadnat-hsl-vrf.html
And here is my configuration of the CGNAT on the Box:
ip nat settings mode cgn
no ip nat settings support mapping outside
ip nat log translations flow-export v9 udp destination 10.199.4.117 2555 source Loopback0
ip nat pool CGNAT X.X.X.X X.X.X.X netmask 255.255.255.0
ip nat inside source list 1 pool CGNAT
!
ip access-list standard 1
 10 permit 100.81.0.0, wildcard bits 0.0.7.255
!
interface Port-channel1.80
 encapsulation dot1Q 80
 ip flow monitor Accounting input
 ip flow monitor Accounting output
 ip address 10.234.193.140 255.255.255.240
 ip nat outside
end
!
interface Port-channel1.84
 encapsulation dot1Q 84
 ip flow monitor Accounting input
 ip flow monitor Accounting output
 ip address 10.234.193.44 255.255.255.240
 ip nat outside
 ip ospf priority 0
!
interface Virtual-Template1
 ip unnumbered Loopback30
 no ip unreachables
 ip nat inside
 ip verify unicast reverse-path
 ip access-group FW-Users-In in
 ip access-group FW-Users-Out out
 ip tcp adjust-mss 1390
 ip policy route-map To-CRM
 peer default ip address pool PPPoE-Pool-Private
 ppp authentication pap default
 ppp authorization default
 ppp accounting default
I hope someone can help me in this regard.
Thank you
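
Added example, not part of the original post: a NetFlow v9 template decoder (RFC 3954 layout) that reports whether an exported template carries any destination address or port fields, which is the check to run on a UDP payload captured at the collector (10.199.4.117 port 2555 in the configuration above). The function names and the two sample templates are constructed for illustration and are not a capture from the ASR.

```python
import struct

# IANA IPFIX information element IDs commonly seen in NAT logging templates.
FIELDS = {4: "protocolIdentifier", 7: "sourceTransportPort",
          8: "sourceIPv4Address", 11: "destinationTransportPort",
          12: "destinationIPv4Address", 225: "postNATSourceIPv4Address",
          226: "postNATDestinationIPv4Address",
          227: "postNAPTSourceTransportPort",
          228: "postNAPTDestinationTransportPort", 230: "natEvent",
          234: "ingressVRFID", 323: "observationTimeMilliseconds"}
DEST_FIELDS = {11, 12, 226, 228}

def parse_templates(packet):
    """Return {template_id: [(field_type, length), ...]} for one v9 datagram."""
    if len(packet) < 20 or struct.unpack_from("!H", packet, 0)[0] != 9:
        raise ValueError("not a NetFlow v9 datagram")
    templates, off = {}, 20                      # v9 header is 20 bytes
    while off + 4 <= len(packet):
        fs_id, fs_len = struct.unpack_from("!HH", packet, off)
        if fs_len < 4 or off + fs_len > len(packet):
            raise ValueError("bad FlowSet length")
        pos, end = off + 4, off + fs_len
        while fs_id == 0 and pos + 4 <= end:     # FlowSet ID 0 = templates
            tid, count = struct.unpack_from("!HH", packet, pos)
            if tid < 256:                        # zero padding, not a template
                break
            pos += 4
            if pos + 4 * count > end:
                raise ValueError("truncated template record")
            templates[tid] = [struct.unpack_from("!HH", packet, pos + 4 * i)
                              for i in range(count)]
            pos += 4 * count
        off += fs_len
    return templates

def destination_fields(template):
    """Names of destination address/port fields present in a template."""
    return [FIELDS[t] for t, _ in template if t in DEST_FIELDS]

def build_sample(fields, tid=256):
    """Build a constructed v9 datagram holding one template (test input)."""
    body = struct.pack("!HH", tid, len(fields))
    body += b"".join(struct.pack("!HH", t, n) for t, n in fields)
    header = struct.pack("!HHIIII", 9, 1, 0, 0, 0, 0)
    return header + struct.pack("!HH", 0, 4 + len(body)) + body

# Constructed samples: one template without destination fields, one with.
NO_DEST = [(8, 4), (225, 4), (7, 2), (227, 2), (4, 1), (230, 1), (323, 8)]
WITH_DEST = NO_DEST + [(12, 4), (226, 4), (11, 2), (228, 2)]
```

If destination_fields() returns an empty list for every template the router sends, the destination is absent from the export itself and not being dropped by the collector.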