Showing results for 
Search instead for 
Did you mean: 

CGNAT Log on ASR1002X

Peyman Zadmehr


I  enabled the CGNAT feature on ASR1002-X with IOS: asr1002x-universalk9.16.09.05.SPA.

Then I enabled the logging of CGNAT on the Box. The Box sends the log in Netflow format. When I checked the record, I could see the source IP address before and after NAT, but there was no information about the Destination IP address.

According to this link, When we enable CGNAT, the Box does not keep the record of the destination IP address so that it can increase the NAT capacity:

But according to this link, the Destination IP address is included in The logs:

And here is my configuration of the CGNAT on the Box:

ip nat settings mode cgn
no ip nat settings support mapping outside
ip nat log translations flow-export v9 udp destination 2555 source Loopback0
ip nat pool CGNAT X.X.X.X X.X.X.X netmask
ip nat inside source list 1 pool CGNAT
ip access-list standard 1
10 permit, wildcard bits
interface Port-channel1.80
encapsulation dot1Q 80
ip flow monitor Accounting input
ip flow monitor Accounting output
ip address
ip nat outside
interface Port-channel1.84
encapsulation dot1Q 84
ip flow monitor Accounting input
ip flow monitor Accounting output
ip address
ip nat outside
ip ospf priority 0
interface Virtual-Template1
ip unnumbered Loopback30
no ip unreachables
ip nat inside
ip verify unicast reverse-path
ip access-group FW-Users-In in
ip access-group FW-Users-Out out
ip tcp adjust-mss 1390
ip policy route-map To-CRM
peer default ip address pool PPPoE-Pool-Private
ppp authentication pap default
ppp authorization default
ppp accounting default

 I hope someone can help me in this regard.

Thank you

0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: