To verify that NAT bypass is in effect, use the following show service active-subscribers detail and show filter ip commands.
*A:Dut-C# show service active-subscribers detail
===============================================================================
Active Subscribers
===============================================================================
-------------------------------------------------------------------------------
Subscriber AL_x0ffx6x0x0x2
(sub_l2-dhcp1)
-------------------------------------------------------------------------------
NAT Policy : pol-B-1
Outside IP : 130.0.0.201
Ports : 1536-1570
NAT Policy : pol-o-1
Outside IP : 19.0.0.87 (vprn101)
Ports : 1024-1055
NAT Policy : pol-o1-1
Outside IP : 130.0.0.68 (vprn601)
Ports : 1152-1349
NAT Policy : pol-o2-1
Outside IP : 130.0.0.222 (vprn602)
Ports : 1152-1349
-------------------------------------------------------------------------------
I. Sched. Policy : N/A
E. Sched. Policy : N/A E. Agg Rate Limit: Max
E. Min Resv Bw : 1
I. Policer Ctrl. : N/A
E. Policer Ctrl. : N/A
I. vport-hashing : Disabled
I. sec-sh-hashing: Disabled
Q Frame-Based Ac*: Disabled
Acct. Policy : N/A Collect Stats : Disabled
ANCP Pol. : N/A
Accu-stats-pol : (Not Specified)
HostTrk Pol. : N/A
IGMP Policy : N/A
MLD Policy : N/A
PIM Policy : N/A
Sub. MCAC Policy : N/A
NAT Policy : pol-o-1
Firewall Policy : N/A
UPnP Policy : N/A
NAT Prefix List : npl-4
Allow NAT bypass : Yes
This command shows that the ESM subscriber is a L2-Aware NAT subscriber for which bypass is enabled.
The following command provides insight into whether the NAT bypass is in effect:
*A:Dut-A>config>filter# show filter ip 10
===============================================================================
IP Filter
===============================================================================
Filter Id : 10 Applied : Yes
Scope : Template Def. Action : Drop
Type : Normal
System filter : Unchained
Radius Ins Pt : n/a
CrCtl. Ins Pt : n/a
RadSh. Ins Pt : n/a
PccRl. Ins Pt : n/a
Entries : 1
Description : (Not Specified)
Filter Name : 10
-------------------------------------------------------------------------------
Filter Match Criteria : IP
-------------------------------------------------------------------------------
Entry : 1
Description : (Not Specified)
Log Id : n/a
Src. IP : 0.0.0.0/0
Src. Port : n/a
Dest. IP : 0.0.0.0/0
Dest. Port : n/a
Protocol : Undefined Dscp : Undefined
ICMP Type : Undefined ICMP Code : Undefined
Fragment : Off Src Route Opt : Off
Sampling : Off Int. Sampling : On
IP-Option : 0/0 Multiple Option: Off
Tcp-flag : (Not Specified)
Option-pres : Off
Egress PBR : Disabled
Primary Action : Forward
L2 Aware NAT Bypass : Enabled
Ing. Matches : 0 pkts
Egr. Matches : 0 pkts
===============================================================================