SlideShare a Scribd company logo

NAT and PAT

M
Muuluu

t

Technology
1 of 18
Managing IP Traffic with ACLs Scaling the Network with NAT and PAT Lecture 7
Outline • Overview • Introducing NAT and PAT • Translating Inside Source Addresses • Overloading an Inside Global Address • Verifying the NAT and PAT Configuration • Troubleshooting the NAT and PAT Configuration • Summary
Network Address Translation • An IP address is either local or global. • Local IP addresses are seen in the inside network.
Port Address Translation
Translating Inside Source Addresses
Configuring Static Translation Router(config)# ip nat inside source static local-ip global-ip • Establishes static translation between an inside local address and an inside global address Router(config-if)# ip nat inside • Marks the interface as connected to the inside Router(config-if)# ip nat outside • Marks the interface as connected to the outside
Enabling Static NAT Address Mapping Example
Configuring Dynamic Translation Router(config)# ip nat pool name start-ip end-ip {netmask netmask | prefix-length prefix-length} • Defines a pool of global addresses to be allocated as needed. Router(config)# access-list access-list-number permit source [source-wildcard] • Defines a standard IP ACL permitting those inside local addresses that are to be translated. Router(config)# ip nat inside source list access-list-number pool name • Establishes dynamic source translation, specifying the ACL that was defined in the prior step.
Dynamic Address Translation Example
Overloading an Inside Global Address
Configuring Overloading Router(config)# access-list access-list-number permit source source-wildcard • Defines a standard IP ACL that will permit the inside local addresses that are to be translated Router(config)# ip nat inside source list access-list-number interface interface overload • Establishes dynamic source translation, specifying the ACL that was defined in the prior step
Overloading an Inside Global Address Example
Clearing the NAT Translation Table Router# clear ip nat translation * • Clears all dynamic address translation entries Router# clear ip nat translation inside global-ip local-ip [outside local-ip global-ip] • Clears a simple dynamic translation entry that contains an inside translation or both an inside and outside translation Router# clear ip nat translation outside local-ip global-ip • Clears a simple dynamic translation entry that contains an outside translation Router# clear ip nat translation protocol inside global-ip global-port local-ip local-port [outside local-ip local-port global-ip global-port] • Clears an extended dynamic translation entry
Displaying Information with show Commands Router# show ip nat translations • Displays active translations Router# show ip nat translation Pro Inside global Inside local Outside local Outside global --- 172.16.131.1 10.10.10.1 --- --- Router# show ip nat statistics • Displays translation statistics Router# show ip nat statistics Total active translations: 1 (1 static, 0 dynamic; 0 extended) Outside interfaces: Ethernet0, Serial2.7 Inside interfaces: Ethernet1 Hits: 5 Misses: 0 …
Sample Problem: Cannot Ping Remote Host
Solution: New Configuration
Using the debug ip nat Command Router# debug ip nat NAT: s=192.168.1.95->172.31.233.209, d=172.31.2.132 [6825] NAT: s=172.31.2.132, d=172.31.233.209->192.168.1.95 [21852] NAT: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6826] NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23311] NAT*: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6827] NAT*: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6828] NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23313] NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23325]
Translation Not Installed in the Translation Table? Verify that: • The configuration is correct. • There are not any inbound ACLs denying the packets entry to the NAT router. • The ACL referenced by the NAT command is permitting all necessary networks. • There are enough addresses in the NAT pool. • The router interfaces are appropriately defined as NAT inside or NAT outside.

Recommended

Nat pat
Nat patNat pat
Nat patCYBERINTELLIGENTS
 
Cisco switch commands cheat sheet
Cisco switch commands cheat sheetCisco switch commands cheat sheet
Cisco switch commands cheat sheet3Anetwork com
 
Static Routing
Static RoutingStatic Routing
Static RoutingKishore Kumar
 
Network Address Translation (NAT)
Network Address Translation (NAT)Network Address Translation (NAT)
Network Address Translation (NAT)Joud Khattab
 
Cisco CCNA- NAT Configuration
Cisco CCNA- NAT ConfigurationCisco CCNA- NAT Configuration
Cisco CCNA- NAT ConfigurationHamed Moghaddam
 
Static Routing
Static RoutingStatic Routing
Static RoutingSachii Dosti
 
Ccna ppt1
Ccna ppt1Ccna ppt1
Ccna ppt1AIRTEL
 
Ccna Commands In 10 Minutes
Ccna Commands In 10 MinutesCcna Commands In 10 Minutes
Ccna Commands In 10 MinutesCCNAResources
 

Recommended

Nat pat
Nat patNat pat
Nat patCYBERINTELLIGENTS
 
Cisco switch commands cheat sheet
Cisco switch commands cheat sheetCisco switch commands cheat sheet
Cisco switch commands cheat sheet3Anetwork com
 
Static Routing
Static RoutingStatic Routing
Static RoutingKishore Kumar
 
Network Address Translation (NAT)
Network Address Translation (NAT)Network Address Translation (NAT)
Network Address Translation (NAT)Joud Khattab
 
Cisco CCNA- NAT Configuration
Cisco CCNA- NAT ConfigurationCisco CCNA- NAT Configuration
Cisco CCNA- NAT ConfigurationHamed Moghaddam
 
Static Routing
Static RoutingStatic Routing
Static RoutingSachii Dosti
 
Ccna ppt1
Ccna ppt1Ccna ppt1
Ccna ppt1AIRTEL
 
Ccna Commands In 10 Minutes
Ccna Commands In 10 MinutesCcna Commands In 10 Minutes
Ccna Commands In 10 MinutesCCNAResources
 
IOS Cisco - Cheat sheets
IOS Cisco - Cheat sheetsIOS Cisco - Cheat sheets
IOS Cisco - Cheat sheetsAlejandro Marin
 
Cisco router basic
Cisco router basicCisco router basic
Cisco router basicTapan Khilar
 
Router commands
Router commandsRouter commands
Router commandsLaura Lahbib
 
CCNP Switching Chapter 1
CCNP Switching Chapter 1CCNP Switching Chapter 1
CCNP Switching Chapter 1Chaing Ravuth
 
Is is
Is isIs is
Is isIrham Nurhalim
 
Cisco IPv6 Tutorial
Cisco IPv6 TutorialCisco IPv6 Tutorial
Cisco IPv6 Tutorialkriz5
 
Class notes fhrp,hsrp,vrrp
Class notes fhrp,hsrp,vrrpClass notes fhrp,hsrp,vrrp
Class notes fhrp,hsrp,vrrpSagarR24
 
CCNAv5 - S2: Chapter3 Vlans
CCNAv5 - S2: Chapter3 VlansCCNAv5 - S2: Chapter3 Vlans
CCNAv5 - S2: Chapter3 VlansVuz Dở Hơi
 
Cisco Commands
Cisco CommandsCisco Commands
Cisco CommandsFredrick Hall
 
IPv4 to IPv6
IPv4 to IPv6IPv4 to IPv6
IPv4 to IPv6mithilak
 
CCNAv5 - S2: Chapter5 Inter Vlan Routing
CCNAv5 - S2: Chapter5 Inter Vlan RoutingCCNAv5 - S2: Chapter5 Inter Vlan Routing
CCNAv5 - S2: Chapter5 Inter Vlan RoutingVuz Dở Hơi
 
Ospf.ppt
Ospf.pptOspf.ppt
Ospf.pptEdgardo Scrimaglia
 
EIGRP (Enhanced Interior Gateway Routing Protocol)
EIGRP (Enhanced Interior Gateway Routing Protocol)EIGRP (Enhanced Interior Gateway Routing Protocol)
EIGRP (Enhanced Interior Gateway Routing Protocol)NetProtocol Xpert
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path FirstKashif Latif
 
IS-IS Protocol
IS-IS ProtocolIS-IS Protocol
IS-IS ProtocolMhd Khaled Alhalai
 
Chapter 17 : static routing
Chapter 17 : static routingChapter 17 : static routing
Chapter 17 : static routingteknetir
 
Routing Information Protocol
Routing Information ProtocolRouting Information Protocol
Routing Information ProtocolKashif Latif
 
CCNA SUMMER TRAINNING PPT
CCNA SUMMER TRAINNING PPTCCNA SUMMER TRAINNING PPT
CCNA SUMMER TRAINNING PPTNishant Goel
 
Ccna command
Ccna commandCcna command
Ccna commandSiddhartha Rajbhatt
 
Eigrp.ppt
Eigrp.pptEigrp.ppt
Eigrp.pptEdgardo Scrimaglia
 
Wide area networks
Wide area networksWide area networks
Wide area networksMuuluu
 
Лекц 13
Лекц 13Лекц 13
Лекц 13Muuluu
 

More Related Content

What's hot

IOS Cisco - Cheat sheets
IOS Cisco - Cheat sheetsIOS Cisco - Cheat sheets
IOS Cisco - Cheat sheetsAlejandro Marin
 
Cisco router basic
Cisco router basicCisco router basic
Cisco router basicTapan Khilar
 
CCNP Switching Chapter 1
CCNP Switching Chapter 1CCNP Switching Chapter 1
CCNP Switching Chapter 1Chaing Ravuth
 
Cisco IPv6 Tutorial
Cisco IPv6 TutorialCisco IPv6 Tutorial
Cisco IPv6 Tutorialkriz5
 
Class notes fhrp,hsrp,vrrp
Class notes fhrp,hsrp,vrrpClass notes fhrp,hsrp,vrrp
Class notes fhrp,hsrp,vrrpSagarR24
 
CCNAv5 - S2: Chapter3 Vlans
CCNAv5 - S2: Chapter3 VlansCCNAv5 - S2: Chapter3 Vlans
CCNAv5 - S2: Chapter3 VlansVuz Dở Hơi
 
IPv4 to IPv6
IPv4 to IPv6IPv4 to IPv6
IPv4 to IPv6mithilak
 
CCNAv5 - S2: Chapter5 Inter Vlan Routing
CCNAv5 - S2: Chapter5 Inter Vlan RoutingCCNAv5 - S2: Chapter5 Inter Vlan Routing
CCNAv5 - S2: Chapter5 Inter Vlan RoutingVuz Dở Hơi
 
EIGRP (Enhanced Interior Gateway Routing Protocol)
EIGRP (Enhanced Interior Gateway Routing Protocol)EIGRP (Enhanced Interior Gateway Routing Protocol)
EIGRP (Enhanced Interior Gateway Routing Protocol)NetProtocol Xpert
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path FirstKashif Latif
 
Chapter 17 : static routing
Chapter 17 : static routingChapter 17 : static routing
Chapter 17 : static routingteknetir
 
Routing Information Protocol
Routing Information ProtocolRouting Information Protocol
Routing Information ProtocolKashif Latif
 
CCNA SUMMER TRAINNING PPT
CCNA SUMMER TRAINNING PPTCCNA SUMMER TRAINNING PPT
CCNA SUMMER TRAINNING PPTNishant Goel
 

What's hot (20)

IOS Cisco - Cheat sheets
IOS Cisco - Cheat sheetsIOS Cisco - Cheat sheets
IOS Cisco - Cheat sheets
 
Cisco router basic
Cisco router basicCisco router basic
Cisco router basic
 
Router commands
Router commandsRouter commands
Router commands
 
CCNP Switching Chapter 1
CCNP Switching Chapter 1CCNP Switching Chapter 1
CCNP Switching Chapter 1
 
Is is
Is isIs is
Is is
 
Cisco IPv6 Tutorial
Cisco IPv6 TutorialCisco IPv6 Tutorial
Cisco IPv6 Tutorial
 
Class notes fhrp,hsrp,vrrp
Class notes fhrp,hsrp,vrrpClass notes fhrp,hsrp,vrrp
Class notes fhrp,hsrp,vrrp
 
CCNAv5 - S2: Chapter3 Vlans
CCNAv5 - S2: Chapter3 VlansCCNAv5 - S2: Chapter3 Vlans
CCNAv5 - S2: Chapter3 Vlans
 
Cisco Commands
Cisco CommandsCisco Commands
Cisco Commands
 
IPv4 to IPv6
IPv4 to IPv6IPv4 to IPv6
IPv4 to IPv6
 
CCNAv5 - S2: Chapter5 Inter Vlan Routing
CCNAv5 - S2: Chapter5 Inter Vlan RoutingCCNAv5 - S2: Chapter5 Inter Vlan Routing
CCNAv5 - S2: Chapter5 Inter Vlan Routing
 
Ospf.ppt
Ospf.pptOspf.ppt
Ospf.ppt
 
EIGRP (Enhanced Interior Gateway Routing Protocol)
EIGRP (Enhanced Interior Gateway Routing Protocol)EIGRP (Enhanced Interior Gateway Routing Protocol)
EIGRP (Enhanced Interior Gateway Routing Protocol)
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path First
 
IS-IS Protocol
IS-IS ProtocolIS-IS Protocol
IS-IS Protocol
 
Chapter 17 : static routing
Chapter 17 : static routingChapter 17 : static routing
Chapter 17 : static routing
 
Routing Information Protocol
Routing Information ProtocolRouting Information Protocol
Routing Information Protocol
 
CCNA SUMMER TRAINNING PPT
CCNA SUMMER TRAINNING PPTCCNA SUMMER TRAINNING PPT
CCNA SUMMER TRAINNING PPT
 
Ccna command
Ccna commandCcna command
Ccna command
 
Eigrp.ppt
Eigrp.pptEigrp.ppt
Eigrp.ppt
 

Viewers also liked

Wide area networks
Wide area networksWide area networks
Wide area networksMuuluu
 
Лекц 13
Лекц 13Лекц 13
Лекц 13Muuluu
 
Лекц 16
Лекц 16Лекц 16
Лекц 16Muuluu
 
Лекц 15
Лекц 15Лекц 15
Лекц 15Muuluu
 
Лекц 15
Лекц 15Лекц 15
Лекц 15Muuluu
 
Лекц 13
Лекц 13Лекц 13
Лекц 13Muuluu
 
User practical
User practicalUser practical
User practicalMuuluu
 
Лекц 14
Лекц 14Лекц 14
Лекц 14Muuluu
 
Active directory
Active directoryActive directory
Active directoryMuuluu
 
Лекц 14
Лекц 14Лекц 14
Лекц 14Muuluu
 
Basic software
Basic software Basic software
Basic software Muuluu
 
Switch function
Switch functionSwitch function
Switch functionMuuluu
 
Лекц 12
Лекц 12Лекц 12
Лекц 12Muuluu
 
Spanning tree protocol
Spanning tree protocolSpanning tree protocol
Spanning tree protocolMuuluu
 
Өгөгдлийн бүтэц
Өгөгдлийн бүтэцӨгөгдлийн бүтэц
Өгөгдлийн бүтэцMuuluu
 
windows server 2003
windows server 2003 windows server 2003
windows server 2003Muuluu
 
2.1 users & groups
2.1 users & groups2.1 users & groups
2.1 users & groupsMuuluu
 
1.1 windows server 2003
1.1 windows server 20031.1 windows server 2003
1.1 windows server 2003Muuluu
 
Лекц 11
Лекц 11Лекц 11
Лекц 11Muuluu
 
Лекц 12
Лекц 12Лекц 12
Лекц 12Muuluu
 

Viewers also liked (20)

Wide area networks
Wide area networksWide area networks
Wide area networks
 
Лекц 13
Лекц 13Лекц 13
Лекц 13
 
Лекц 16
Лекц 16Лекц 16
Лекц 16
 
Лекц 15
Лекц 15Лекц 15
Лекц 15
 
Лекц 15
Лекц 15Лекц 15
Лекц 15
 
Лекц 13
Лекц 13Лекц 13
Лекц 13
 
User practical
User practicalUser practical
User practical
 
Лекц 14
Лекц 14Лекц 14
Лекц 14
 
Active directory
Active directoryActive directory
Active directory
 
Лекц 14
Лекц 14Лекц 14
Лекц 14
 
Basic software
Basic software Basic software
Basic software
 
Switch function
Switch functionSwitch function
Switch function
 
Лекц 12
Лекц 12Лекц 12
Лекц 12
 
Spanning tree protocol
Spanning tree protocolSpanning tree protocol
Spanning tree protocol
 
Өгөгдлийн бүтэц
Өгөгдлийн бүтэцӨгөгдлийн бүтэц
Өгөгдлийн бүтэц
 
windows server 2003
windows server 2003 windows server 2003
windows server 2003
 
2.1 users & groups
2.1 users & groups2.1 users & groups
2.1 users & groups
 
1.1 windows server 2003
1.1 windows server 20031.1 windows server 2003
1.1 windows server 2003
 
Лекц 11
Лекц 11Лекц 11
Лекц 11
 
Лекц 12
Лекц 12Лекц 12
Лекц 12
 

Similar to NAT and PAT

NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)Netwax Lab
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9Waqas Ahmed Nawaz
 
How to configure static nat on cisco routers
How to configure static nat on cisco routersHow to configure static nat on cisco routers
How to configure static nat on cisco routersIT Tech
 
CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9Chaing Ravuth
 
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity3Anetwork com
 
NAT- Network Address Translation
NAT- Network Address TranslationNAT- Network Address Translation
NAT- Network Address TranslationEng. Emad Al-Atoum
 
Chapter 5-Network Address Translation.pdf
Chapter 5-Network Address Translation.pdfChapter 5-Network Address Translation.pdf
Chapter 5-Network Address Translation.pdfBuntha Chhay
 
Chapter11ccna
Chapter11ccnaChapter11ccna
Chapter11ccnarobertoxe
 
Dynamic Routing IGRP
Dynamic Routing IGRPDynamic Routing IGRP
Dynamic Routing IGRPKishore Kumar
 

Similar to NAT and PAT (20)

Day 17 nat and pat
Day 17 nat and patDay 17 nat and pat
Day 17 nat and pat
 
Day 17.1 nat pat
Day 17.1 nat pat Day 17.1 nat pat
Day 17.1 nat pat
 
NAT Ccna
NAT CcnaNAT Ccna
NAT Ccna
 
Day 17.1 nat pat (2)
Day 17.1 nat pat (2)Day 17.1 nat pat (2)
Day 17.1 nat pat (2)
 
Icnd210 s07l01
Icnd210 s07l01Icnd210 s07l01
Icnd210 s07l01
 
NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
 
How to configure static nat on cisco routers
How to configure static nat on cisco routersHow to configure static nat on cisco routers
How to configure static nat on cisco routers
 
Nat
NatNat
Nat
 
CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9
 
Nat 03
Nat 03Nat 03
Nat 03
 
Nat 07
Nat 07Nat 07
Nat 07
 
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
 
NAT- Network Address Translation
NAT- Network Address TranslationNAT- Network Address Translation
NAT- Network Address Translation
 
Lan Network with Redundancy.ppt
Lan Network with Redundancy.pptLan Network with Redundancy.ppt
Lan Network with Redundancy.ppt
 
Lan Network with Redundancy
Lan Network with RedundancyLan Network with Redundancy
Lan Network with Redundancy
 
Chapter 5-Network Address Translation.pdf
Chapter 5-Network Address Translation.pdfChapter 5-Network Address Translation.pdf
Chapter 5-Network Address Translation.pdf
 
Chapter11ccna
Chapter11ccnaChapter11ccna
Chapter11ccna
 
Chapter11ccna
Chapter11ccnaChapter11ccna
Chapter11ccna
 
Dynamic Routing IGRP
Dynamic Routing IGRPDynamic Routing IGRP
Dynamic Routing IGRP
 

More from Muuluu

Lecture 2
Lecture 2Lecture 2
Lecture 2Muuluu
 
Lecture 5
Lecture 5Lecture 5
Lecture 5Muuluu
 
Lecture 3
Lecture 3Lecture 3
Lecture 3Muuluu
 
Firewall
FirewallFirewall
FirewallMuuluu
 
Hardware
HardwareHardware
HardwareMuuluu
 
Процессорын архитектур
Процессорын архитектурПроцессорын архитектур
Процессорын архитектурMuuluu
 
6 network devices
6 network devices6 network devices
6 network devicesMuuluu
 
Бие даалт
Бие даалтБие даалт
Бие даалтMuuluu
 
Switch configuration
Switch configurationSwitch configuration
Switch configurationMuuluu
 
Switch configuration
Switch configurationSwitch configuration
Switch configurationMuuluu
 
Dns server
Dns serverDns server
Dns serverMuuluu
 
User account policy
User account policyUser account policy
User account policyMuuluu
 

More from Muuluu (12)

Lecture 2
Lecture 2Lecture 2
Lecture 2
 
Lecture 5
Lecture 5Lecture 5
Lecture 5
 
Lecture 3
Lecture 3Lecture 3
Lecture 3
 
Firewall
FirewallFirewall
Firewall
 
Hardware
HardwareHardware
Hardware
 
Процессорын архитектур
Процессорын архитектурПроцессорын архитектур
Процессорын архитектур
 
6 network devices
6 network devices6 network devices
6 network devices
 
Бие даалт
Бие даалтБие даалт
Бие даалт
 
Switch configuration
Switch configurationSwitch configuration
Switch configuration
 
Switch configuration
Switch configurationSwitch configuration
Switch configuration
 
Dns server
Dns serverDns server
Dns server
 
User account policy
User account policyUser account policy
User account policy
 

Recently uploaded

What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 

NAT and PAT

  • 1. Managing IP Traffic with ACLs Scaling the Network with NAT and PAT Lecture 7
  • 2. Outline • Overview • Introducing NAT and PAT • Translating Inside Source Addresses • Overloading an Inside Global Address • Verifying the NAT and PAT Configuration • Troubleshooting the NAT and PAT Configuration • Summary
  • 3. Network Address Translation • An IP address is either local or global. • Local IP addresses are seen in the inside network.
  • 6. Configuring Static Translation Router(config)# ip nat inside source static local-ip global-ip • Establishes static translation between an inside local address and an inside global address Router(config-if)# ip nat inside • Marks the interface as connected to the inside Router(config-if)# ip nat outside • Marks the interface as connected to the outside
  • 7. Enabling Static NAT Address Mapping Example
  • 8. Configuring Dynamic Translation Router(config)# ip nat pool name start-ip end-ip {netmask netmask | prefix-length prefix-length} • Defines a pool of global addresses to be allocated as needed. Router(config)# access-list access-list-number permit source [source-wildcard] • Defines a standard IP ACL permitting those inside local addresses that are to be translated. Router(config)# ip nat inside source list access-list-number pool name • Establishes dynamic source translation, specifying the ACL that was defined in the prior step.
  • 10. Overloading an Inside Global Address
  • 11. Configuring Overloading Router(config)# access-list access-list-number permit source source-wildcard • Defines a standard IP ACL that will permit the inside local addresses that are to be translated Router(config)# ip nat inside source list access-list-number interface interface overload • Establishes dynamic source translation, specifying the ACL that was defined in the prior step
  • 12. Overloading an Inside Global Address Example
  • 13. Clearing the NAT Translation Table Router# clear ip nat translation * • Clears all dynamic address translation entries Router# clear ip nat translation inside global-ip local-ip [outside local-ip global-ip] • Clears a simple dynamic translation entry that contains an inside translation or both an inside and outside translation Router# clear ip nat translation outside local-ip global-ip • Clears a simple dynamic translation entry that contains an outside translation Router# clear ip nat translation protocol inside global-ip global-port local-ip local-port [outside local-ip local-port global-ip global-port] • Clears an extended dynamic translation entry
  • 14. Displaying Information with show Commands Router# show ip nat translations • Displays active translations Router# show ip nat translation Pro Inside global Inside local Outside local Outside global --- 172.16.131.1 10.10.10.1 --- --- Router# show ip nat statistics • Displays translation statistics Router# show ip nat statistics Total active translations: 1 (1 static, 0 dynamic; 0 extended) Outside interfaces: Ethernet0, Serial2.7 Inside interfaces: Ethernet1 Hits: 5 Misses: 0 …
  • 15. Sample Problem: Cannot Ping Remote Host
  • 17. Using the debug ip nat Command Router# debug ip nat NAT: s=192.168.1.95->172.31.233.209, d=172.31.2.132 [6825] NAT: s=172.31.2.132, d=172.31.233.209->192.168.1.95 [21852] NAT: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6826] NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23311] NAT*: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6827] NAT*: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6828] NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23313] NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23325]
  • 18. Translation Not Installed in the Translation Table? Verify that: • The configuration is correct. • There are not any inbound ACLs denying the packets entry to the NAT router. • The ACL referenced by the NAT command is permitting all necessary networks. • There are enough addresses in the NAT pool. • The router interfaces are appropriately defined as NAT inside or NAT outside.