Monitoring NAT

The J-Web interface provides information about Network Address Translation (NAT).

This section contains the following topics:

Monitoring Source NAT Information
Monitoring Destination NAT Information
Monitoring Static NAT Information
Monitoring Incoming Table Information
Monitoring Interface NAT Port Information

Monitoring Source NAT Information

To view the source Network Address Translation (NAT) summary table and the details of the specified NAT source address pool information, select Monitor>NAT>Source NAT in the J-Web interface, or enter the following CLI commands:

show security nat source-nat summary
show security nat source-nat pool pool-name

Table 52 summarizes key output fields in the source NAT display.

Table 52: Summary of Key Source NAT Output Fields

Field	Values	Additional Information
Source NAT Summary Table
Pool Name	Name of the source pool.
Address Low	Starting IP address of one address range in the source pool.
Address High	Ending IP address of one address range in the source pool.
Interface	Name of the interface on which the source pool is defined.
PAT	Whether Port Address Translation (PAT) is enabled (Yes, or No).
Source NAT Pool Specific Summary: pool-name
Address	IP address in the source pool.
Interface	Name of the interface on which the source pool is defined.
Status	Status of the IP address: Active—Denotes that the IP address is in use. This status applies only to source NAT without Port Address Translation (PAT). Free—IP address is available for allocation.
Single Ports	Number of allocated single ports.
Twin Ports	Number of allocated twin ports.
PAT	Whether PAT is enabled (Yes or No).

Monitoring Destination NAT Information

pool-name

Table 52 summarizes key output fields in the source NAT display.

Table 53: Summary of Key Source NAT Output Fields

Field	Values	Additional Information
Source NAT Rules Filter Options
Rule-Set Name	Name of the rule set.
Total Rules	Total rules available.
Source NAT Rules Tab Options
ID	ID of the rule.
Name	Name of the rule .
Ruleset Name	Name of the ruleset.
From	Name of the routing instance/zone/interface from which the packet flows.
To	Name of the routing instance/zone/interface to which the packet flows .
Source Address Range	Source IP address range in the source pool.
Destination Address Range	Destination IP address range in the source pool.
Action	Action configured for the destination NAT rules.
Destination Port	Destination port in the destination pool.
Translation Hits	Number of times the router translates two components in the IP header of the incoming packet.
Pools Filter Option
Pool Name	Drop-down box for selecting the pool name to be displayed.
Total Pools	Total pools added.
Pools Tab Option
ID	ID of the Pool.
Name	Name of the destination pool.
Address Range	IP address range in the destination pool.
Port	Destination port number in the pool.
Routing Instance	Name of the routing instance.
Total Addresses	Total IP address, IP address set, or address book entry.
Translation Hits	Number of times a translation in the translation table is used for destination NAT.
Address High	Ending IP address of one address range in the source pool.
Top 10 Translation Hits	Displays the graph of top 10 translation hits.

Monitoring Static NAT Information

To view static Network Address Translation table information, select Monitor>NAT>Static NAT in the J-Web interface, or enter the following CLI command:

show security nat static-nat summary

Table 54 summarizes key output fields in the static NAT display.

Table 54: Summary of Key Static NAT Output Fields

Field	Values	Additional Information
Rule Filter Option
Rule-Set Name	Filter to sort rules by name.
Total Rules	Number of rules configured.
Rule Tab Option
ID	Rule ID number.
Position
Name	Name of the rule.
Rule set Name	Name of the rule set.
From	Name of the routing instance/interface/zone from which the packet comes
Destination Address	Destination IP address and subnet mask.
Host Address	Host IP address and subnet mask mapped to the destination IP address and subnet mask.
Netmask	Subnet IP address.
Host Routing Instance	Name of the routing instance from which the packet comes.
Translation Hits	Number of times a translation in the translation table is used for a static NAT rule.

Monitoring Incoming Table Information

To view Network Address Translation table information, select Monitor>NAT>Incoming Table in the J-Web interface, or enter the following CLI command:

show security nat incoming-table

Table 55 summarizes key output fields in the incoming table display.

Table 55: Summary of Key Incoming Table Output Fields

Field	Values	Additional Information
Stattistics
In use	Number of entries in the NAT table.
Maximum	Maximum number of entries possible in the NAT table.
Entry allocation failed	Number of entries failed for allocation.
Incoming Table
Clear
Destination	Destination IP address and port number.
Host	Host IP address and port number that the destination IP address is mapped to.
References	Number of sessions referencing the entry.
Timeout	Timeout, in seconds, of the entry in the NAT table.
Source-pool	Name of source pool where translation is allocated.

Monitoring Interface NAT Port Information

To view port usage for an interface source pool information, select Monitor>Firewall/NAT>Interface NAT in the J-Web interface, or enter the following CLI command:

show security nat interface-nat-ports

Table 56 summarizes key output fields in the interface NAT display.

Table 56: Summary of Key Interface NAT Output Fields

Field	Values	Additional Information
Interface NAT Summary Table
Pool Index	Port pool index.
Total Ports	Total number of ports in a port pool.
Single Ports Allocated	Number of ports allocated one at a time that are in use.
Single Ports Available	Number of ports allocated one at a time that are free for use.
Twin Ports Allocated	Number of ports allocated two at a time that are in use.
Twin Ports Available	Number of ports allocated two at a time that are free for use.