Simple question

[davegibelli]

I want to search for NAT rules based on an IP address

E.G I have an address 51.0.0.2 that is being NATed to something on the inside but how do I figure out what it is being NATed to?

[mcnallym]

If you have an object for the IP then just ricght click on the object select where used and it will tell you which NAT rules the object is used in.

You can then look at the NAT rule and see what being NATted too.

Alternatively you can expand the query properties in the TRacker and include NAT Rules and Src xlate and dst xlate coloumns to see what the IP is being translated too, by filtering for the IP address in the source coloumn

[davegibelli]

The problem is I cannot find the object...

All I know is the IP address, 51.0.0.2, is there a way to search for the IP address?

[mcnallym]

In that case use the method I said using SMARTView Tracker and type the IP address as the dest. Expand the query properties so can see the xlate dst coloumn as well and this tells you the xlated dst that the IP is being translated too.

You are using the filtering capability in the logs so make sure you are logging your traffic.

If you also show the NAT Rule then you can see what rule this is being caught under.

This way it will just show traffic destined for 51.0.0.2, what the NAT rule being applied is and also what address it is being NATted too.