Eudemon 200 configured the “NAT server” and NAT address pool, can we see the switching frequency of the message hit NAT server and NAT address pool?
1, at present the firewall no command to check message matching “NAT server” times:
[Eudemon]display nat server
Server in private network information:
GlobalAddr GlobalPort InsideAddr InsidePort Pro Reference
184.108.40.206 ---- 220.127.116.11 ---- --- (0)time
Total 1 NAT servers
Firewall is using VRP platform, on the router the “NAT server” is configured in the interface, Reference parameter is used to record the times that the “NAT server” is quoted in the interface, but in the firewall the “NAT server” is global, this Reference parameter is not significance, whose value always is 0.
2, firewall has no command to check the times that the message matching NAT address pool:
[Eudemon]display nat address-group
NAT address-group information:
NUM START-ADDRESS END-ADDRESS REFERENCE
1 18.104.22.168 22.214.171.124 2
2 192.168.1.10 192.168.1.15 1
Total 2 address-groups
Here the REFERENCE recorded the frequency of the address pool be quoted by the security domain (can be quoted by multi secure domain), such as in the “trust” and “untrust” domain quoted the address pool, as follows:
firewall interzone trust untrust
nat outbound 2000 address-group 2
If the acl 2000 is used only for this domain address translation, namely other modules all don’t use this acl (such as packet filtering, etc.), you can through checking the rules matching frequency of this acl to indirect learn the frequency of this address pool be translated.
[Eudemon]dis acl 2000
Basic ACL 2000, 1 rule
Acl's step is 5
rule 5 permit (1 times matched)