asr1000 nat logging
Show flow monitor exporter statistics
You need to use the show commands to see if the ASR thinks the traffic is leaving: What is the output of show flow exporter? I always find it’s something like “SE linux” on the collector, and this stops you from seeing it in tcpdump.
On my cisco asr1001x nat logging does not work.
I do not see traffic on collector with tcpdump.
I tryning soft:
System image file is “bootflash:/asr1001x-universalk9.03.12.01.S.154-2.S1-std.SPA.bin”
System image file is “bootflash:/asr1001x-universalk9.03.15.00.S.155-2.S-std.SPA.bin”
interface TenGigabitEthernet0/0/0
description Downlink-to-X670
ip address 10.254.253.18 255.255.255.252 no ip redirects no ip unreachables ip nat inside ip flow monitor flow_v5 input ip flow monitor flow_v5 output service-policy type control CTRL-IPOE ip subscriber routed
initiator unclassified ip-address
end
ip nat settings mode cgn
no ip nat settings support mapping outside ip nat settings pap limit 60 ip nat log translations flow-export v9 udp destination 10.0.0.122 9995 source TenGigabitEthernet0/0/0 ip nat log translations flow-export v9 vrf 0 on ip nat translation timeout 300 ip nat translation tcp-timeout 1800 ip nat translation pptp-timeout 1800 ip nat translation udp-timeout 60 ip nat translation finrst-timeout 10 ip nat translation syn-timeout 10 ip nat translation dns-timeout 10 ip nat translation icmp-timeout 10 ip nat translation port-timeout tcp 80 360 ip nat translation port-timeout tcp 8080 360 ip nat translation port-timeout tcp 1600 180 ip nat translation port-timeout tcp 110 180 ip nat translation port-timeout tcp 25 180 ip nat translation max-entries all-host 2000 ip nat pool NAT_POOL_18.19.142 18.19.142.0 18.19.142.254 netmask 255.255.255.0 ip nat inside source list ACL_NAT_18.19.142 pool NAT_POOL_18.19.142 overload
flow exporter carbon4_v5
destination 172.1.1.2
transport udp 9996
export-protocol netflow-v5
!
!
flow monitor flow_v5
exporter carbon4_v5
cache timeout inactive 10
cache timeout active 1000
record netflow-original