Cisco® CCNA Exam Cram Notes : NAT

VII. IP connectivity and Services

3. NAT

Static NAT: It is a one-to-one mapping between an unregistered IP address and a registered IP address.

Enabling Static NAT for an Inside Source Address

For inside source translation, traffic flows from the inside interface to the outside interface. NAT translates the inside local IP address to the inside global IP address. On return traffic, the destination inside global IP address is translated back to the inside local IP address.

Step 1: R1#configure terminal

Enters global configuration mode.

Step 2: R1(config)#ip nat inside source static local-ip-address global-ip-address [group group-id]

Configures static NAT to translate the inside local address to the inside global address on outbound traffic, and the inside global address back to the inside local address on return traffic.

Step 3: R1(config)#copy running-config startup-config (Optional)

Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration.


R1#configure terminal
Enters global configuration mode.
R1(config)#ip nat inside source static local-ip-address global-ip-address
Here local-ip-address = inside local address, and global-ip-address = inside global address.

ip nat pool <pool-name> <ip-address> <ip-address> netmask <mask-address>

Configuring NAT when translating private LAN addresses to public internet addresses on router.

The following command configures a static NAT translation by mapping inside local address to the inside global address.

ip nat inside source static local-ip-address global-ip-address

Here, local-ip-address is the inside local address, and global-ip-address is the inside global address. A packet's source address is changed to the inside global address by the NAT device.

The correct syntax for enabling dynamic NAT to translate many inside hosts to an inside global IP address is:

ip nat inside source list <access-list-number> pool <pool-name> overload

where <access-list-number> is the standard access list number, and <pool-name> is the pool name.

Dynamic NAT: Dynamic NAT is the usual implementation: a pool of public IP addresses is shared by an entire private IP subnet. When a private host initiates a connection, a public IP address is selected from the pool. The mapping between the host's non-routable IP address and the selected public address is stored in the NAT table. As long as the outgoing connection is maintained, the private host can be reached by incoming packets sent to the specified public address. When the binding expires, the address is returned to the pool for reuse.

The following two statements are true about dynamic NAT translations:

1. The inside IP addresses eligible for address translation are defined in a standard IP access-list.

2. Only packets moving between inside and outside networks will get translated. This is true even for static NAT. If a packet is destined for another host but does not need to cross the NAT boundary, its source/destination addresses are not translated. This is understandable, since the packet is not crossing the inside network boundary.
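
The commands above combined into one configuration, as an added example that is not part of the original notes. It assumes a Cisco IOS router; the interface names, the pool name PUBLIC-POOL, ACL number 1 and all addresses (192.168.1.0/24 inside, 203.0.113.0/24 documentation range as the registered block) are constructed for illustration.

```cisco
! Added example: constructed addresses and names, not from the original notes.
!
! Mark the inside and outside interfaces. Only packets that cross
! between an "ip nat inside" and an "ip nat outside" interface are
! translated; LAN-to-LAN traffic is left untouched.
interface GigabitEthernet0/0
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
!
interface GigabitEthernet0/1
 ip address 203.0.113.1 255.255.255.0
 ip nat outside
!
! Static NAT: one-to-one mapping.
!   inside local 192.168.1.10  <->  inside global 203.0.113.10
! The mapping is permanent, so outside hosts can open connections to
! 203.0.113.10 at any time; filter inbound traffic to it with an ACL
! on the outside interface.
ip nat inside source static 192.168.1.10 203.0.113.10
!
! Dynamic NAT, part 1: a standard access list defines which inside
! local addresses are eligible for translation.
access-list 1 permit 192.168.1.0 0.0.0.255
!
! Dynamic NAT, part 2: the pool of inside global addresses
! (first address, last address, netmask).
ip nat pool PUBLIC-POOL 203.0.113.20 203.0.113.30 netmask 255.255.255.0
!
! Dynamic NAT, part 3: bind the access list to the pool. "overload"
! lets many inside hosts share the pool addresses by source port.
ip nat inside source list 1 pool PUBLIC-POOL overload
!
end
!
! Verify from privileged EXEC mode:
! R1#show ip nat translations   (static entry plus active dynamic bindings)
! R1#show ip nat statistics     (inside/outside interfaces, pool usage, hits)
```

Host 192.168.1.10 also matches access list 1, but its static entry is used for its traffic, so it always appears outside as 203.0.113.10.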
