Debugging NAT

Problem

You want to debug a NAT problem.

Solution

Cisco routers include a simple but useful debug facility for NAT. The basic form of the command is debug ip nat:

Router#debug ip nat

You can also add the detailed keyword to this command to get more information on each NAT event:

Router#debug ip nat detailed

It is often useful to restrict the debug output with an access-list. You do this by adding the access-list number to the command; the router then reports only NAT events for packets whose IP addresses are permitted by that access-list:

Router#debug ip nat 15

You can also combine an access-list with the detailed keyword for more focused debugging:

Router#debug ip nat 15 detailed

Discussion

The following shows some typical log entries:

Router#terminal monitor
Router#debug ip nat
Sep  8 19:51:08.396 EDT: NAT: s=192.168.3.1->192.168.19.1, d=192.168.3.2 [0]
Sep  8 19:51:11.560 EDT: NAT*: s=192.168.1.10->192.168.19.55, d=192.168.3.2 [4909]
Sep  8 19:51:11.568 EDT: NAT*: s=192.168.3.2, d=192.168.19.55->192.168.1.10 [4909]
Sep  8 19:51:11.572 EDT: NAT: s=192.168.3.2, d=192.168.19.55->192.168.1.10 [4909]
Sep  8 19:51:12.552 EDT: NAT*: s=192.168.1.10->192.168.19.55, d=192.168.3.2 [4911]
Sep  8 19:51:12.564 EDT: NAT*: s=192.168.3.2, d=192.168.19.55->192.168.1.10 [4911]

This particular trace follows a simple series of PING packets. The interior device 192.168.1.10 sends ICMP PING packets to the external destination 192.168.3.2. The router rewrites the internal address as 192.168.19.55 ...
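When a debug session produces hundreds of these lines, it helps to parse them rather than read them by eye. The following Python script is an added example, not code from the Cisco IOS Cookbook or from Cisco: it parses debug ip nat output into structured events, recovers the inside-local to inside-global mapping that the trace implies, and applies an address filter that loosely models what the access-list variant of the command does (the real command filters packets by a standard access-list; matching any address on the line is a simplification assumed here). Two details of the format used below are Cisco's: the asterisk in NAT* marks a packet translated on the fast-switched path, and the bracketed number is the packet's IP identification field. The sample input is the six lines of the trace above, rejoined onto single lines.

```python
"""Parse Cisco 'debug ip nat' output into structured events (added example)."""
from __future__ import annotations

import re
from dataclasses import dataclass
from typing import Iterable, Optional

# Constructed sample: the trace shown above, one event per line.
SAMPLE_LOG = """\
Sep  8 19:51:08.396 EDT: NAT: s=192.168.3.1->192.168.19.1, d=192.168.3.2 [0]
Sep  8 19:51:11.560 EDT: NAT*: s=192.168.1.10->192.168.19.55, d=192.168.3.2 [4909]
Sep  8 19:51:11.568 EDT: NAT*: s=192.168.3.2, d=192.168.19.55->192.168.1.10 [4909]
Sep  8 19:51:11.572 EDT: NAT: s=192.168.3.2, d=192.168.19.55->192.168.1.10 [4909]
Sep  8 19:51:12.552 EDT: NAT*: s=192.168.1.10->192.168.19.55, d=192.168.3.2 [4911]
Sep  8 19:51:12.564 EDT: NAT*: s=192.168.3.2, d=192.168.19.55->192.168.1.10 [4911]
"""

# "s=a->b" means the source was rewritten (outbound); "d=a->b" means the
# destination was rewritten (inbound). The arrow appears on only one side.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d\.\d+ \w+): "
    r"NAT(?P<fast>\*?): "
    r"s=(?P<src>[\d.]+)(?:->(?P<src_new>[\d.]+))?, "
    r"d=(?P<dst>[\d.]+)(?:->(?P<dst_new>[\d.]+))? "
    r"\[(?P<ipid>\d+)\]$"
)


@dataclass
class NatEvent:
    timestamp: str
    fast_switched: bool          # True when the line reads "NAT*"
    src: str
    src_translated: Optional[str]
    dst: str
    dst_translated: Optional[str]
    ip_id: int                   # IP identification field, from the brackets

    @property
    def direction(self) -> str:
        return "outbound" if self.src_translated else "inbound"

    @property
    def inside_host(self) -> str:
        # Outbound: the pre-translation source; inbound: the post-translation destination.
        return self.src if self.src_translated else self.dst_translated  # type: ignore[return-value]

    @property
    def global_addr(self) -> str:
        return self.src_translated if self.src_translated else self.dst  # type: ignore[return-value]

    def addresses(self) -> set[str]:
        return {a for a in (self.src, self.src_translated, self.dst, self.dst_translated) if a}


def parse_line(line: str) -> Optional[NatEvent]:
    """Return a NatEvent for one debug line, or None for non-NAT syslog noise."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    return NatEvent(
        timestamp=m["ts"],
        fast_switched=(m["fast"] == "*"),
        src=m["src"],
        src_translated=m["src_new"],
        dst=m["dst"],
        dst_translated=m["dst_new"],
        ip_id=int(m["ipid"]),
    )


def parse_log(text: str) -> list[NatEvent]:
    return [e for e in (parse_line(l) for l in text.splitlines()) if e is not None]


def translation_table(events: Iterable[NatEvent]) -> dict[str, set[str]]:
    """Inside-local address -> set of inside-global addresses seen for it."""
    table: dict[str, set[str]] = {}
    for e in events:
        table.setdefault(e.inside_host, set()).add(e.global_addr)
    return table


def filter_by_addresses(events: Iterable[NatEvent], permitted: set[str]) -> list[NatEvent]:
    """Keep events mentioning any permitted address (assumed model of 'debug ip nat <acl>')."""
    return [e for e in events if e.addresses() & permitted]


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    for host, globals_ in translation_table(evs).items():
        print(f"{host} -> {', '.join(sorted(globals_))}")
    for e in filter_by_addresses(evs, {"192.168.1.10"}):
        print(e.timestamp, e.direction, "fast" if e.fast_switched else "process", e.ip_id)
```

A mapping with more than one global address for a single inside host, or an inside host that only ever appears in one direction, is usually the first clue when a translation "works" for outbound traffic but replies never come back.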
