NAT not working: What is the best first troubleshooting step if your router is not translating addresses?

Introduction / Context:
When NAT fails, the fastest fixes come from verifying foundational configuration: interface roles, ACLs that define interesting traffic, and route reachability. Random reboots or blanket debugging can waste time or harm stability.

Given Data / Assumptions:

• Router configured to perform NAT/PAT.
• No translations are appearing.
• You have CLI access for checks.

Concept / Approach:
The most common NAT issues stem from interface mislabeling (missing 'ip nat inside' or 'ip nat outside'), wrong or empty ACLs used in 'ip nat inside source list', or routing that sends traffic around the NAT device. First confirm interface roles and correctness of the NAT rule bindings.

Step-by-Step Solution:

Verification / Alternative check:
Generate test traffic, then use 'show ip nat translations' or 'debug ip nat' (with 'terminal monitor') to confirm translations appear.

Why Other Options Are Wrong:
Reboot / Call Cisco: Premature; basic checks often solve the issue. debug all: Dangerous—high CPU and overwhelming output; use targeted debug only after basics are verified.

Common Pitfalls:
Placing 'ip nat inside' and 'ip nat outside' on the wrong interfaces, or forgetting to apply them at all, is a classic cause of “NAT not working.”

Final Answer:
Check your interfaces for the correct configuration.