Scribd
Upload
20 views13 pages

12 - Nat

This document discusses network address translation (NAT) and port address translation (PAT). It provides examples of configuring static NAT to map a local IP to a global IP, dynamic NAT to map local IPs to a pool of global IPs, and NAT overload to map multiple local IPs to a single global IP using different ports. The show ip nat translations command is used to display active NAT/PAT sessions.

Uploaded by

Ahmed Marzouq
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
20 views13 pages

12 - Nat

This document discusses network address translation (NAT) and port address translation (PAT). It provides examples of configuring static NAT to map a local IP to a global IP, dynamic NAT to map local IPs to a pool of global IPs, and NAT overload to map multiple local IPs to a single global IP using different ports. The show ip nat translations command is used to display active NAT/PAT sessions.

Uploaded by

Ahmed Marzouq
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 13

Ahmed Marzouq

+2012 853 14514


Address Space Management

• Scaling the Network


with NAT and PAT
Network Address Translation

 An IP address is either local or global.


 Local IPv4 addresses are seen in the inside network.
 Global IPv4 addresses are seen in the outside network.
Port Address Translation
Port Address Translation
Configuring and Verifying Static
Translation
RouterX(config)# ip nat inside source static local-ip global-ip
 Establishes static translation between an inside local address and an
inside global address

RouterX(config-if)# ip nat inside


 Marks the interface as connected to the inside

RouterX(config-if)# ip nat outside


 Marks the interface as connected to the outside

RouterX# show ip nat translations


 Displays active translations
Enabling Static NAT
Address Mapping Example

interface s0
ip address 192.168.1.1 255.255.255.0
ip nat outside
!
interface e0
ip address 10.1.1.1 255.255.255.0
ip nat inside
!
ip nat
RouterX# show inside
ip nat source static 10.1.1.2 192.168.1.2
translations
Pro Inside global Inside local Outside local Outside global
--- 192.168.1.2 10.1.1.2 --- ---
Configuring and Verifying Dynamic
Translation
RouterX(config)# ip nat pool name start-ip end-ip
{netmask netmask | prefix-length prefix-length}
 Defines a pool of global addresses to be allocated as needed

RouterX(config)# access-list access-list-number permit


source [source-wildcard]
 Defines a standard IP ACL permitting those inside local addresses
that are to be translated

RouterX(config)# ip nat inside source list


access-list-number pool name
 Establishes dynamic source translation, specifying the ACL that was
defined in the previous step

RouterX# show ip nat translations


 Displays active translations
Dynamic Address Translation Example

RouterX# show ip nat translations


Pro Inside global Inside local Outside local Outside global
--- 171.69.233.209 192.168.1.100 --- ---
--- 171.69.233.210 192.168.1.101 --- ---
Overloading an Inside Global Address
Configuring Overloading

RouterX(config)# access-list access-list-number permit


source source-wildcard
 Defines a standard IP ACL that will permit the inside local addresses
that are to be translated

RouterX(config)# ip nat inside source list


access-list-number interface interface overload
 Establishes dynamic source translation, specifying the ACL that was
defined in the previous step

RouterX# show ip nat translations


 Displays active translations
Overloading an Inside Global Address
Example

hostname RouterX
!
interface Ethernet0
ip address 192.168.3.1 255.255.255.0
ip nat inside
!
interface Ethernet1
ip address 192.168.4.1 255.255.255.0
ip nat inside
!
interface Serial0
description To ISP
ip address 172.17.38.1 255.255.255.0
ip nat outside
!
ip nat inside source list 1 interface Serial0 overload
!
ip route 0.0.0.0 0.0.0.0 Serial0
!
access-list 1 permit 192.168.3.0 0.0.0.255
access-list 1 permit 192.168.4.0 0.0.0.255
!
RouterX# show ip nat translations
Pro Inside global Inside local Outside local Outside global
TCP 172.17.38.1:1050 192.168.3.7:1050 10.1.1.1:23 10.1.1.1:23
TCP 172.17.38.1:1776 192.168.4.12:1776 10.2.2.2:25 10.2.2.2:25
Ahmed Marzouq
+2012 853 14514

You might also like