hi

yes I know that FAQ and there is nothing related to my topic I'm afraid, did you understand what my customer is after?

There are no issues with NAT except ... CP Build - R80.40 (as this cannot be upgraded at this time) hence our hands are tight as we do not have much tools (including CCC) which shows NAT rules utilisation. None of the links you've provided leads to any conclusions though nor to any useful information sorry. Am I blind then or I'm missing something here?

-

CPVIEW by R80.40 does not show NAT at all hence my reiteration on that. Due to this missing bit (it isn't there simply until R81) they've got no other option to see utilisation/usage of their NAT rules. FAQ has nothing to do with it as PORT USAGE is not what I was asking about.

NAT:
2376649/0 forw, 2897027/0 bckw, 69484456 tcpudp,
340322 icmp, 32985755-16777499 alloc

*** not really of use so much  ***

-

is that seriously R80.40? it seems to me that this isn't really that one, instead R81. See Dameon's post here. There was no facilty in CPVIEW code to gather NAT's in Adcance-NAT pattern.

-

Perhaps it’s related to the JHF level.
Having said that, there’s no obvious mention in the R80.40 JHF notes

-

All lovely but unfortunately still it does not help my Customer who by running R80.40 cannot effectively assess which of their NAT rules should be considered as priority for the MTO.

As a unlucky factor they also noted that by not using any 3rd party policies orchestartion nor any SIEM they've shoot themselves in the foot now when the time has come for the MTO preparations and migartions off CP. They plan to eliminate "anything CP" within the next year as most of their stuff runs out of support and many are already EOL H/W wise so I believe you can guess which vendor they decided to go for instead hence now the priority is to assess whatever possible (on gaia, smartconsole) and take this forward with us (MSP) towards another architecture.

shame we cannot assess other than by the logs, which NAT rules are used and/or completely unused.

any hints/tips highly welcomed as always chaps.

nobody will risk an upgrade process on already outdated H/W so knowing that R80.40 is the latest supported build for their 4000/5000 gear would make no sense I'm afirad 😞 

-

I do read english and have no issues with that mate 🙂 I'm happy you've corrected your post so quickly but emails shows your complete ignorance of the fact that I have wrote above one little line: "nobody will risk an upgrade process" - that INCLUDE take/jhf install. so now who's english lacks? 😛 

anyway, that's not the place for arguments hence I was hoping I'm making myself clear enough, looks like many bi-lingual ppl here still struggle, fair enough so let's make sure we're on the same page.

Customer is not willing to touch their builds just to see NAT page on CPVIEW. Period.

Hope that this is indeed clarified 4ever now.

Reg. the issue itself - I presume R80.40 JHF 139 as it stands does NOT support NAT details by CPVIEW. Am I correct? 

@Jerry & @G_W_Albrecht, please refrain from personal attacks in this forum. We expect all the members to behave professionally. 

Thanks,
admin team

hi Val, ABSOLUTELY AGREE, I never ever intend to do anything like that but unfortunatelly I've just defended myself. It's not me who started, see below:

Please stop, both of you. Or else 🙂

Grand Tim! That's the answer I was waiting for 🙂 excellent and spot on!

Much appreciate it, we'll give it a try with the Customer and update you all due course,

Cheers and thanks to all!