Cisco NAT Configuration
Static NAT
- Set inside and outside interfaces
- #conf t
- (config)#int f0/1
- (config-if)#ip nat outside
- (config-if)#int f0/0
- (config-if)#ip nat inside
- Set the translation for inside and out side
- (config-if)#exit
- (config)#ip nat inside source static [insideLocalIP] [InsideGlobalIP]
- Inside Local address – Actual configured IP address on the inside host OS
- Inside global address – NAT’d address of inside host as it will be reached/seen by the outside network.
- Verify translation
- (config)#end
- #show ip nat translation
Dynamic NAT
- Set interface with clients that will use the pool as an inside interface
- #conf t
- (config)#int f1/0
- (config-if)#ip nat inside
- Set dynamic pool
- (config-if)#exit
- (config)#ip nat pool [name of pool] [startingIPaddess] [endingIPaddress] netmask [subnet]
- Create an access list for the allow addresses to use the pool
- (config)#access-list [Accesslist#] deny|permit|remark [protocol] [IpAddress] [Wildcard Mask]
- Associate the access list with the NAT pool
- (config)#ip nat inside source list [accesslist#] pool [poolname]
- Verify traffic
- Enable Port Address Translation so the last IP address in the range can be reused when all address have been allocated.
- Add the “overload flag at the end of the associate command
- (config)#ip nat inside source list [accesslist#] pool [poolname] overload
Port Address Translation (PAT)
- Remove address from Router Interface and configure it to use DHCP
- #conf t
- (config)#int f0/0
- (config-if)#no ip address
- (config-if)#ip address dhcp
- Configure NAT
- Repeat the assigning interfaces inside and outside
- Create access-list
- (config)#ip nat inside source interface f0/0 overload
- Verify Nat translation
- Show nat statistics