<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><font face="Courier">I have to start using a NAT on SE100 but I have problem with loggin connections. </font><div><font face="Courier"><br></font><div><font face="Courier">I have configuration like this:</font></div><div><font face="Courier"><br></font></div><div><font face="Courier">(…)</font></div><div><div><font face="Courier"> nat logging-profile monitor</font></div><div><font face="Courier"> transport-protocol udp</font></div><div><font face="Courier"> export-version v9</font></div><div><font face="Courier"> source 10.32.0.90 port 9000</font></div><div><font face="Courier"> destination 10.32.0.10 context BGP port 9000</font></div></div><div><font face="Courier"><br></font></div><div><font face="Courier"><div>ip nat pool NATPOOL napt logging</div><div> logging-profile monitor context BGP</div><div> address X.X.X.97 to X.X.X.115</div></font></div><div><font face="Courier"><br></font></div><div><font face="Courier"><div>nat policy NAT_POLICY enhanced</div><div>! Default class</div><div> drop</div><div> icmp-notification</div><div>! Named classes</div><div> access-group NAT-ACL</div><div> class NAT1</div><div> pool NATPOOL BGP</div><div> admission-control tcp</div><div> endpoint-independent filtering tcp</div><div> endpoint-independent filtering udp</div><div> inbound-refresh udp</div><div> icmp-notification</div></font></div><div><font face="Courier">(…)</font></div><div><font face="Courier"><br></font></div><div><font face="Courier">I received packet on my server .10 but when I captured this using (I used nfdump/nfcapd software) I'm not able to read IP src, IP dst and other information. My output is similar to this:</font></div><div><font face="Courier"><br></font></div><div><font face="Courier">Date flow start Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows</font></div><div><font face="Courier">2016-01-25 20:22:37.000 0.000 0 0.0.0.0:0 -> 0.0.0.0:0 2.4 M 131072 1</font></div><div><font face="Courier">2016-01-25 20:22:37.000 0.000 0 0.0.0.0:0 -> 0.0.0.0:0 2.4 M 65536 1</font></div><div><font face="Courier"><br></font></div><div>Is it possible to configure some open source collector to catch all information from this flow ?<span style="font-family: Courier;"> </span></div><br><br><div apple-content-edited="true">
<span class="Apple-style-span" style="border-collapse: separate; font-family: Times; border-spacing: 0px;"><span class="Apple-style-span" style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Times; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; "><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><span class="Apple-style-span" style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Times; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; "><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div>-- </div><div>Piotr Łyczba</div><div><br></div></div></span></div></span></span></div></div></body></html>