NAT and PAT

NAT:

Inside local address: the address being translated.

Outside local address: local host with a public IP address inside the network.

Inside global address: external interface with a public IP, i.e., router to ISP.

Outside global address: remote host.


STATIC NAT:

One-to-one mapping of inside local to inside global IP.

Configuration:

ip nat inside source static

Example:

ip nat inside source static 192.168.0.25 24.1.1.2

interface e0

ip nat inside

interface s0

ip nat outside


Dynamic NAT

Enables an inside host to get an outside address when needed. This saves the trouble of creating multiple static maps, one for each host that wants to use the internet.

Configuration:

ip nat pool [pool name] [first ip] [last ip] netmask [mask]

Example:

ip nat pool MyPool 24.1.1.3 24.1.1.6 netmask 255.255.255.0

access-list 1 permit 192.168.0.0 0.0.255.255

-Best Practice-

Deny hosts that you do not want translated.

Example:

access-list 1 deny host

access-list 1 permit

Configuration example:

ip nat inside source list 1 pool MyPool

interface e0

ip nat inside

interface s0

ip nat outside


Port Address Translation (PAT) / PAT = NAT overload

Another name for extended NAT. It leverages TCP/IP by using the ports of hosts to distinguish them from each other when they are all being translated, possibly to a single outside address. Same as dynamic NAT, with the addition of "overload".

access-list 1 permit 192.168.0.0 0.0.255.255

ip nat inside source static 192.168.0.25 24.1.1.2

ip nat pool MyPool 24.1.1.3 24.1.1.6 netmask 255.255.255.0

ip nat inside source list 1 pool MyPool overload

interface e0

ip nat inside

interface s0

ip nat outside
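
Added example (not part of the original notes): a simplified Python model of the overload translation table, showing how two inside hosts that use the same source port share one inside global address, and why inbound traffic with no matching entry is not forwarded to any inside host. The class name, the port-allocation policy and the host addresses 192.168.0.10 and 192.168.0.11 are assumptions for illustration; 24.1.1.3 is the first pool address from the configuration above.

```python
# Simplified PAT (NAT overload) table. The allocation policy here is an
# assumption made for illustration, not a description of IOS internals.
from itertools import count


class PatTable:
    def __init__(self, global_ip, first_port=1024):
        self.global_ip = global_ip
        self.out = {}   # (proto, inside local ip, inside local port) -> global port
        self.back = {}  # (proto, global port) -> (inside local ip, inside local port)
        self._next = count(first_port)

    def translate_out(self, proto, src_ip, src_port):
        """Inside -> outside: return (inside global ip, port), adding an entry if needed."""
        key = (proto, src_ip, src_port)
        if key not in self.out:
            # Keep the host's own source port when it is free on the global
            # address; otherwise pick the next unused port.
            port = src_port
            while (proto, port) in self.back:
                port = next(self._next)
                if port > 65535:
                    raise RuntimeError("no free ports left on " + self.global_ip)
            self.out[key] = port
            self.back[(proto, port)] = (src_ip, src_port)
        return self.global_ip, self.out[key]

    def translate_in(self, proto, dst_port):
        """Outside -> inside: return inside local (ip, port), or None if no entry exists."""
        return self.back.get((proto, dst_port))


def demo():
    pat = PatTable("24.1.1.3")
    # Two constructed inside hosts that happen to pick the same source port.
    a = pat.translate_out("tcp", "192.168.0.10", 50000)
    b = pat.translate_out("tcp", "192.168.0.11", 50000)
    reply_to_b = pat.translate_in("tcp", b[1])   # return traffic for host .11
    unsolicited = pat.translate_in("tcp", 4444)  # no entry: nothing to forward to
    return a, b, reply_to_b, unsolicited


if __name__ == "__main__":
    for item in demo():
        print(item)
```

Dynamic entries exist only for flows started from the inside; the static mapping of 192.168.0.25 to 24.1.1.2 in the configuration above is always present, so that host is reachable from the outside without one.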


Troubleshooting:

show ip nat translations

show ip nat statistics