Difficulty: Medium
Correct Answer: debug ip nat
Explanation:
Introduction / Context:
Network Address Translation, or NAT, is widely used to map private inside addresses to public global addresses. When troubleshooting NAT issues, you often need more than a static snapshot of the translation table. Real time debugging messages can show when translations are created, used and removed. Cisco IOS provides several show commands related to NAT and also debug commands that print detailed messages to the console.
Given Data / Assumptions:
Concept / Approach:
Show commands such as show ip nat translations and show ip nat statistics display the current state of NAT tables and counters but do not print every translation event as it occurs. The debug ip nat command, on the other hand, instructs the router to log NAT events to the console, showing details for each packet that is being translated. This is the tool you use when you need to see how NAT behaves in real time for test packets or problematic flows.
Step-by-Step Solution:
Consider show ip nat translations: it displays the current table of inside local, inside global, outside local and outside global addresses but does not by itself show live changes packet by packet.
The show ip nat statistics command gives counters for hits and misses and details about pools, but it is still a snapshot, not a real time stream of events.
The clear ip nat translations command resets the table and is used for maintenance but produces no steady real time feed of information.
The debug ip nat command prints a line of output each time a packet is translated or matched, making it ideal for watching real time NAT activity.
Therefore, among the options, debug ip nat is the correct choice for real time translation monitoring.
Verification / Alternative check:
In a lab, enable debug ip nat and then generate some traffic from an inside host to an outside destination. You will see messages for each translation event, often showing inside local to inside global mappings and vice versa. When you disable the debug with undebug all or no debug ip nat, the stream of messages stops. This behaviour demonstrates that debug ip nat provides real time insight rather than static information.
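Once debug output from such a lab run has been captured to a log, the per-packet lines can be reduced to a list of mappings and compared with show ip nat translations. The following is an added example, not part of the original explanation: it assumes the classic `NAT: s=..., d=... [id]` line layout of debug ip nat, and the sample lines, addresses and function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in the layout assumed above; addresses come from
# private/documentation ranges and are not taken from the page.
SAMPLE = """\
NAT: s=10.1.1.10->203.0.113.5, d=198.51.100.7 [4101]
NAT*: s=198.51.100.7, d=203.0.113.5->10.1.1.10 [881]
NAT*: s=10.1.1.10->203.0.113.5, d=198.51.100.7 [4102]
NAT: s=10.1.1.11->203.0.113.6, d=198.51.100.7 [77]
%SYS-5-CONFIG_I: Configured from console by console
"""

IP = r"(\d{1,3}(?:\.\d{1,3}){3})"
# "a->b" marks the address that was rewritten; "*" marks the fast-switched path;
# the bracketed number is the packet's IP identification field.
LINE = re.compile(rf"NAT(\*?): s={IP}(?:->{IP})?, d={IP}(?:->{IP})? \[(\d+)\]")


def parse_line(line):
    """Return one translation event as a dict, or None for non-NAT lines."""
    m = LINE.search(line)  # search() tolerates a timestamp prefix
    if not m:
        return None
    star, src, src_x, dst, dst_x, ip_id = m.groups()
    return {"fast_path": star == "*", "src": src, "src_translated": src_x,
            "dst": dst, "dst_translated": dst_x, "ip_id": int(ip_id)}


def summarize(text):
    """Count source rewrites (outbound) and destination rewrites (return traffic)."""
    outbound, inbound = Counter(), Counter()
    for line in text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        if ev["src_translated"]:
            outbound[(ev["src"], ev["src_translated"])] += 1
        if ev["dst_translated"]:
            inbound[(ev["dst"], ev["dst_translated"])] += 1
    return outbound, inbound


if __name__ == "__main__":
    out, back = summarize(SAMPLE)
    for (local, global_), hits in out.items():
        print(f"inside local {local} -> inside global {global_}: {hits} packet(s)")
```

An inside host that appears in the outbound counts with no matching entry in the return counts is the kind of one-way flow that the snapshot commands alone do not reveal.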
Why Other Options Are Wrong:
Option a, show ip nat translations, is very useful but only shows a current list of mappings; it does not automatically update on screen in real time and is not a debug command.
Option b, show ip nat statistics, is often used to check whether a pool is in use and to see hit counts but again does not provide per packet logs.
Option d, clear ip nat translations, can disrupt active sessions and should be used cautiously; it is not a monitoring tool.
Option e, debug ip packet, produces very verbose output and may affect performance; it is not targeted specifically at NAT and is not the recommended way to watch translations.
Common Pitfalls:
Many administrators forget to turn off debug commands, which can flood the console and impact router performance, especially on busy devices. Always use debug ip nat carefully, preferably on lab gear or during controlled troubleshooting windows, and remember to disable it after you gather enough information. Combining debug ip nat with show ip nat translations can give you both real time insight and a summary view.
Final Answer:
The command that shows real time NAT translation activity is debug ip nat.