NATCISCO (Automatically saved)

  • 8/2/2019 NATCISCO (Automatically saved)

    1. Overloading or Port Address Translation (PAT)

    This is the most frequently used form of NAT in IP networks. It uses the concept of many-to-one translation where multiple connections from different internal hosts are multiplexed into a single registered (public) IP address using different source port numbers. This type of NAT allows a maximum of 65,536 internal connections to be translated into a single public IP. This type of NAT is very useful in situations where our ISP has assigned us only a single public IP address, as shown below.

    In our scenario above, our internal network range is 192.168.32.0/24 and our assigned public IP address is 213.18.123.100. All internal hosts will be translated to the public address using different port numbers.

    Configuration:

    Router(config)# interface ethernet 0
    Router(config-if)# ip address 192.168.32.1 255.255.255.0
    Router(config-if)# ip nat inside
    Router(config)# interface serial 0
    Router(config-if)# ip address 213.18.123.100 255.255.255.0
    Router(config-if)# ip nat outside
    Router(config)# ip nat pool overloadpool 213.18.123.100 213.18.123.100 prefix-length 24
    Router(config)# ip nat inside source list 1 pool overloadpool overload
    Router(config)# access-list 1 permit 192.168.32.0 0.0.0.255
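
    How overloading multiplexes several inside hosts onto 213.18.123.100, as an added example that is not part of the original document. It is a simplified model, not router code: the class and method names are hypothetical, and the 1024-65535 allocation range and the keep-the-original-port-when-free rule are assumptions of the model.

```python
from dataclasses import dataclass, field

PUBLIC_IP = "213.18.123.100"   # public address from the scenario above

@dataclass
class PatTable:
    """Simplified model of a NAT overload (PAT) translation table."""
    public_ip: str
    port_range: range = range(1024, 65536)    # assumption: allocate from this range only
    out: dict = field(default_factory=dict)    # (proto, inside ip, inside port) -> public port
    back: dict = field(default_factory=dict)   # (proto, public port) -> (inside ip, inside port)

    def _free(self, proto, port):
        return port in self.port_range and (proto, port) not in self.back

    def translate_outbound(self, proto, src_ip, src_port):
        """Return the (public ip, public port) an inside flow is rewritten to."""
        key = (proto, src_ip, src_port)
        if key in self.out:                     # existing flow keeps its mapping
            return self.public_ip, self.out[key]
        if self._free(proto, src_port):         # keep the original port when unused
            port = src_port
        else:                                   # otherwise take the first free port
            port = next((p for p in self.port_range if self._free(proto, p)), None)
        if port is None:
            raise RuntimeError("PAT port pool exhausted")
        self.out[key] = port
        self.back[(proto, port)] = (src_ip, src_port)
        return self.public_ip, port

    def translate_inbound(self, proto, dst_port):
        """Return the inside (ip, port) for return traffic, or None if no entry exists."""
        return self.back.get((proto, dst_port))

if __name__ == "__main__":
    table = PatTable(PUBLIC_IP)
    # Constructed sample: three inside hosts all using source port 40000.
    for host in ("192.168.32.10", "192.168.32.12", "192.168.32.15"):
        print(host, 40000, "->", table.translate_outbound("tcp", host, 40000))
    print("inbound to port 2222:", table.translate_inbound("tcp", 2222))
```

    In this model, inbound traffic to a public port with no table entry has nowhere to go, which is why hosts behind PAT are not reachable from outside without a static entry.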

    2. Dynamic NAT

    Dynamic NAT translates internal private IP addresses to public addresses from a range (pool) of public addresses assigned to our network from an ISP.

    In our example scenario above, assume that we own the range of public IP addresses 213.18.123.0/24. Any internal host accessing the internet will be translated by the NAT router to the first available public IP in the public pool range. In our example above, internal host 192.168.32.10 is translated to 213.18.123.116 (one-to-one mapping). Similarly, 192.168.32.12 is translated to 213.18.123.112 etc.

    Configuration:

    Router(config)# interface ethernet 0
    Router(config-if)# ip address 192.168.32.1 255.255.255.0
    Router(config-if)# ip nat inside
    Router(config)# interface serial 0
    Router(config-if)# ip address 100.100.100.1 255.255.255.252
    Router(config-if)# ip nat outside
    Router(config)# ip nat pool dynamicpool 213.18.123.0 213.18.123.255 prefix-length 24
    Router(config)# ip nat inside source list 1 pool dynamicpool
    Router(config)# access-list 1 permit 192.168.32.0 0.0.0.255

    3. Static NAT

    This form of NAT creates a permanent one-to-one static mapping of a public IP address with a private IP address. It is particularly useful in cases where an internal host needs to be accessible from the outside public internet.

    In our example diagram above, the internal host with private IP address 192.168.32.10 will always be translated to 213.18.123.110. Hosts from the outside public internet will be able to directly access the statically NATed internal hosts by accessing their mapped public IP address. This scenario is useful to provide access to public company servers such as a Web Server, Email Server etc.

    Configuration:

    Router(config)# interface ethernet 0
    Router(config-if)# ip address 192.168.32.1 255.255.255.0
    Router(config-if)# ip nat inside
    Router(config)# interface serial 0
    Router(config-if)# ip address 100.100.100.1 255.255.255.252
    Router(config-if)# ip nat outside
    Router(config)# ip nat inside source static 192.168.32.10 213.18.123.110
    Router(config)# ip nat inside source static 192.168.32.12 213.18.123.111
    Router(config)# ip nat inside source static 192.168.32.15 213.18.123.112

    4. Port Redirection

    This is useful in situations where we have a single public IP address and we need to use it for accessing two or more internal servers from outside. Assume that we have Web and Email servers that we need to make accessible from outside using only a single public IP address. Assume that our public address is 100.100.100.1. Inbound traffic coming towards address 100.100.100.1 port 80 will be redirected to our internal Web Server 192.168.32.10, and inbound traffic coming towards address 100.100.100.1 port 25 will be redirected to our internal Email Server 192.168.32.20.

    Configuration:

    Router(config)# interface ethernet 0
    Router(config-if)# ip address 192.168.32.1 255.255.255.0
    Router(config-if)# ip nat inside
    Router(config)# interface serial 0
    Router(config-if)# ip address 100.100.100.1 255.255.255.252
    Router(config-if)# ip nat outside
    Router(config)# ip nat inside source static tcp 192.168.32.10 80 100.100.100.1 80
    Router(config)# ip nat inside source static tcp 192.168.32.20 25 100.100.100.1 25
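
    A configuration review helper for the Static NAT and Port Redirection sections, as an added example that is not part of the original document. It separates whole-host static mappings, which publish every port of the inside host, from single-port forwards; the function names are hypothetical and only the two command forms shown on this page are parsed.

```python
import ipaddress

PREFIX = "ip nat inside source static"

# The static entries from the Static NAT and Port Redirection configurations above.
SAMPLE_CONFIG = """\
Router(config)# ip nat inside source static 192.168.32.10 213.18.123.110
Router(config)# ip nat inside source static 192.168.32.12 213.18.123.111
Router(config)# ip nat inside source static 192.168.32.15 213.18.123.112
Router(config)# ip nat inside source static tcp 192.168.32.10 80 100.100.100.1 80
Router(config)# ip nat inside source static tcp 192.168.32.20 25 100.100.100.1 25
"""

def parse_static_nat(config):
    """Return one dict per static NAT entry found in the configuration text."""
    entries = []
    for line in config.splitlines():
        cmd = line.split("#", 1)[-1].strip()   # drop a "Router(config)#" prompt if present
        if not cmd.startswith(PREFIX):
            continue
        args = cmd[len(PREFIX):].split()
        if len(args) >= 5 and args[0] in ("tcp", "udp"):
            proto, local, lport, glob, gport = args[:5]
        elif len(args) >= 2:
            proto, (local, glob), lport, gport = "any", args[:2], "all", "all"
        else:
            continue
        try:                                   # skip forms this example does not handle
            ipaddress.ip_address(local)
            ipaddress.ip_address(glob)
        except ValueError:
            continue
        entries.append({"proto": proto, "local": local, "local_port": lport,
                        "global": glob, "global_port": gport})
    return entries

def exposure_report(config):
    """Split entries into whole-host mappings and single-port forwards."""
    entries = parse_static_nat(config)
    whole_host = [e for e in entries if e["global_port"] == "all"]
    port_only = [e for e in entries if e["global_port"] != "all"]
    return whole_host, port_only

if __name__ == "__main__":
    whole, ports = exposure_report(SAMPLE_CONFIG)
    for e in whole:
        print(f"{e['global']} -> {e['local']}: every port is mapped, filter with an ACL")
    for e in ports:
        print(f"{e['global']}:{e['global_port']}/{e['proto']} -> {e['local']}:{e['local_port']}")
```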