NAT, Network Address Translation in simple terms translates an IP address into another. Network Address Translation is of different types like
Static NAT (One to One)
Dynamic NAT (Many to Many)
Overloading (Many to One)
We will focus on Overloading form of NAT. This is called as Port Address Translation (PAT) or even Network Address Port Translation (NAPT). NAT Overloading translates many private IP addresses from a Local Area Network (LAN) onto a single registered legal Public IP address. Here, the source IP and the source port gets translated to the Public IP and a different source port.
Typical network configuration would be on an Internet Router which enables all the hosts in the LAN to connect to the Internet using one single Public IP address.
The following procedure will help you to configure NAT Overload or Port Address Translation (PAT) in Cisco IOS:
1. NAT inside interface
Enable an interface on the router with an IP Address and mark it as nat inside interface. This is the interface that connects to your internal private network
WANRouter(config)# int fastethernet0/1
WANRouter(config-if)# ip address 192.168.1.1 255.255.255.0
WANRouter(config-if)# ip nat inside
2. Enable NAT outside interface
WANRouter(config)# int serial0/0/0
WANRouter(config-if)# ip address 100.100.100.100 255.255.255.0
WANRouter(config-if)# ip nat outside
3. Configure NAT Pool
This will be a pool of legal Public IPs that is bought by the organisation. This could anything from one to many IP Address
WANRouter(config)# ip nat pool WANPOOL 100.100.100.10 100.100.100.10 netmask 255.255.255.0
This creates pool which has just one IP address. The syntax is
ip nat pool <pool name> startip endip {netmask netmask | prefix prefix-length}
4. Access List to allow list of IP Addresses to NAT translate
WANRouter(config)# ip access-list 10 permit 192.168.1.0 0.0.0.255
For more networks or hosts to overload the NAT pool simply add them to the access list
WANRouter(config)# ip access-list 10 permit 192.168.2.0 0.0.0.255
WANRouter(config)# ip access-list 10 permit 192.168.3.0 0.0.0.255
Instruct Router to NAT the Access list to the NATPool
WANRouter(config)# ip nat inside source list 10 pool WANPOOL overload
If this is an internet configuration then ensure that a default route on the IP to the outside IP address or outside interface
WANRouter(config)# ip route 0.0.0.0. 0.0.0.0 serial0/0/0
or
WANRouter(config)# ip route 0.0.0.0 0.0.0.0 100.100.100.100
Thats it. Job done!!!
The NAT setup is now complete.We have setup the router to translate LAN private IPs into the Internet public IPs.
To check the NAT status and statistics
WANRouter# show ip nat statistics
To see the active translations
WANRouter# show ip nat translations
Dear All,
Kindly sent me the ccna Dumps,
Please…..
My mail id naga.venkatesan@gmail.com
Nice how-to, well written and easy to follow
Worked first time
Thanks
thanks,it’s excellent,how to configure the autoconfiguration IPv6?
I have a question. If you have more than 1 IP in the public outside IP pool, how do you know/assign which internal IP gets natted to which public IP?
please tell me ,static routing,default routing,dynamic routing(Routing protocols),vpn,nat &also there apropriate example
very good explanation. thanks a lot
Dear tdma,
If you are having multiple public IPs, then you have to specify them in NAT POOL. That public IPs from pool will automatically get assigned to private IPs.
Dear tdma,
To know which internal IP gets natted to which public IP, you can use this command:
Router# show ip nat translations
It will show that which private IP got mapped/natted to which public IP.
Dear All,
I have 8 public ip and whant to nat to my 4 local servers
i have cisco 1841 router please can any one help in dng a static nat
quick question….
would it be possible to convert all of the private address to public by using the serial public ip address
for example ip nat inside source list 10 interface s 0/0/0 overload
since the s 0/0/0 interface already has the public address which is 100.100.100.10?
what if the addresses in the pool has changed?
I had a Cisco 3825 acting as a Gateway
I had Static IP : Example:
78.12.34.34 on 0/0 using SFP gigabit port 10gb per port
the 0/1 is set up as defult 38.100.1.145 conecting to
swtich cisco
then I had 8 server conected in to that Cisco switch
1st-port: Server has Local ip as 38.100.1.146
2st-port: Server has Local ip as 38.100.1.147
3st-port: Server has Local ip as 38.100.1.148
How I can open port as 554,80,22… on this Cisco 3825
let say on server 1= ip-38.100.1.146:554 how I open this port.
Thanks
gracias 😀