Troubleshooting nat, Symptom 1, Solution – H3C Technologies H3C S12500 Series Switches User Manual
Page 130: Symptom 2
116
# Export the NAT logs of Device A to the NAT log server.
<DeviceA> system-view
[DeviceA] userlog nat export host 3.3.3.7 9021
# Set the source IP address of NAT log packets for Device A to 9.9.9.9.
[DeviceA] userlog nat export source-ip 9.9.9.9
# Enable the NAT log function on Device A.
[DeviceA] nat log enable
You must run XLog on the NAT log server or the system log server to view NAT log information.
Troubleshooting NAT
Symptom 1
Abnormal translation of IP addresses.
Solution
1.
Enable debugging for NAT. Try to locate the problem based on the debugging display.
2.
Use other commands, if necessary, to further identify the problem. Pay special attention to the
source address after the address translation and make sure this address is the address that you
intend to change to. If not, there might be an address pool bug.
3.
Ensure a route is available between the destination network and the address pool segment.
4.
Be aware of the possible effects that the firewall or the ACLs have on NAT, and note the route
configurations.
Symptom 2
Internal server does not function correctly.
Solution
1.
Check whether the internal server host is correctly configured.
2.
Check whether the router is correctly configured with respect to the internal server parameters,
such as the internal server IP address.
3.
Use the display acl command to verify whether the firewall has denied external access to the
internal network.