I enabled the CGNAT feature on ASR1002-X with IOS: asr1002x-universalk9.16.09.05.SPA.
Then I enabled the logging of CGNAT on the Box. The Box sends the log in Netflow format. When I checked the record, I could see the source IP address before and after NAT, but there was no information about the Destination IP address.
According to this link, When we enable CGNAT, the Box does not keep the record of the destination IP address so that it can increase the NAT capacity:
And here is my configuration of the CGNAT on the Box:
ip nat settings mode cgn no ip nat settings support mapping outside ip nat log translations flow-export v9 udp destination 10.199.4.117 2555 source Loopback0 ip nat pool CGNAT X.X.X.X X.X.X.X netmask 255.255.255.0 ip nat inside source list 1 pool CGNAT ! ip access-list standard 1 10 permit 100.81.0.0, wildcard bits 0.0.7.255 ! interface Port-channel1.80 encapsulation dot1Q 80 ip flow monitor Accounting input ip flow monitor Accounting output ip address 10.234.193.140 255.255.255.240 ip nat outside end ! interface Port-channel1.84 encapsulation dot1Q 84 ip flow monitor Accounting input ip flow monitor Accounting output ip address 10.234.193.44 255.255.255.240 ip nat outside ip ospf priority 0 ! interface Virtual-Template1 ip unnumbered Loopback30 no ip unreachables ip nat inside ip verify unicast reverse-path ip access-group FW-Users-In in ip access-group FW-Users-Out out ip tcp adjust-mss 1390 ip policy route-map To-CRM peer default ip address pool PPPoE-Pool-Private ppp authentication pap default ppp authorization default ppp accounting default