■ Dynamic address translation—Is broken into two categories:
— Network Address Translation (NAT)—Multiple local hosts translate to a
pool of global addresses.
— Port Address Translation (PAT)—Multiple local hosts translate to a single
global address.
■ Static translation—A single local address translates to a single global address. Static rules
provide the translation to allow connection from a lower security level to a higher
security level, but this connection must be allowed in the security policy. This connection
can be allowed using either the conduit or access-list command. Access lists must be part
of an access group and must be configured to a specific interface.
■ show xlate—Displays translation slot information. Many options are available to
display specific information about the address translations.
■ clear xlate—Clears the translation table. Again, many options enable you to clear
specific portions of the translation table.
A single command with numerous options is used to troubleshoot connections:
■ show conn—Displays the number of and information about the active connections for
the options specified.