NAT Configuration

NAT Configuration

 
  1. Configure NAT Overload
  2. Configure Static NAT
  3. Configure Dynamic NAT (w/overload)
 
 

Configure NAT Overload

 
  1. Label interface
  2. Identify internal ip addresses to be translated
  3. Enable NAT overload
 
R1(config)#int e0/0
R1(config-if)#ip nat inside
R1(config-if)#int e0/1
R1(config-if)#ip nat outside
R1(config-if)#exit
 
R1(config)#access-list 101 deny 192.168.3.0 0.0.0.255
R1(config)#access-list 101 permit 192.168.0.0 0.0.255.255
 
 R1(config)#ip nat inside source list 101 outside ?
 interface
 pool
 
 R1(config)#ip nat inside source list 101 outside e0/1 overload
 
 
 To view NAT translations
 
R1#show ip nat translations
 
 

Configure Static NAT

If we have a webserver in our lan, we want to have a static global address binded to that server.
 
R1(config)#ip nat inside source ? 
list
route-map  specify route-map
static        specify static local->global mapping
 
R1(config)ip nat inside source static 192.168.10.50 ?
A.B.C.D        Inside global IP address
interface      Specify interface for global address
 
R1(config)ip nat inside source static 192.168.10.50 68.110.171.99
 Suppose 192.168.20.20 is email server and 192.168.10.50 is webserver — we want to use only one global address ???
                — Port Static NAT Mapping
 
R1(config)#ip nat inside source static tcp 192.168.10.50 80 interface e0/1 80
R1(config)#ip nat inside source static tcp 192.168.20.20 25 interface e0/1 25 
 

Configure Dynamic NAT (w/overload)

 
In large org, one ip cannot accomodate all internal hosts hence we use a pool of global address to be overloaded
 
So first configure the pool
 
R1(config)#ip nat pool PUBLIC_ADDR 68.110.171.99 68.110.171.100 netmask 255.255.255.0 
R1(config)#ip nat inside source list 101 pool PUBLIC_ADDR overload

 

if overload is not mentioned, it allows only two hosts use internet simultaneously
 

Advertisements

About wikihead

A Seeker. Information Security Professional, Pursuing Life with Ayurveda.
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s