Monitoring NAT

To monitor and troubleshoot NAT connections, log into the device CLI and use the following commands.

show nat displays the NAT rules and per-rule hit counts. There are additional keywords to show other aspects of NAT.
show xlate displays the actual NAT translations that are currently active.
clear xlate lets you remove an active NAT translation. You might need to remove active translations if you alter NAT rules, because existing connections continue to use the old translation slot until the connection ends. Clearing a translation allows the system to build a new translation for a client on the client's next connection attempt based on your new rules.