Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.



Published on

  • Be the first to comment

  • Be the first to like this


  1. 1. NETWORK ADDRESS TRANSLATION Example Topology Address Classification An actual address assigned to Inside Local an inside host An inside address seen from Inside Global the outside An actual address assigned to FastEthernet0 FastEthernet1 Outside Global an outside host NAT Inside NAT Outside An outside address seen from Outside Local the inside NAT Boundary Configuration Perspectiveinterface FastEthernet0 Local Global ip address ip nat inside Location! Inside Inside Local Inside Globalinterface FastEthernet1 ip address ip nat outside Outside Outside Local Outside Global Static Source Translation Terminology! One line per static translation NAT Poolip nat inside source static A pool of IP addresses to be used as insideip nat inside source static global or outside local addresses in translationsip nat outside source static Port Address Translation (PAT)ip nat outside source static An extension to NAT that translates information at layer four and above, such as TCP and UDP Dynamic Source Translation port numbers; dynamic PAT configurations include the overload keyword! Create an access list to match inside local addressesaccess-list 10 permit Extendable Translation! The extendable keyword must be appended! Create NAT pool of inside global addresses when multiple overlapping static translations areip nat pool MyPool prefix-length 24 configured!! Combine them with a translation rule Special NAT Pool Typesip nat inside source list 10 pool MyPool Rotary Used for load balancing!! Dynamic translations can be combined with static entries Match- Preserves the host portion ofip nat inside source static Host the address after translation Port Address Translation (PAT) Troubleshooting! Static layer four port translations show ip nat translations [verbose]ip nat inside source static tcp 8080 80 show ip nat statisticsip nat inside source static udp 53 53ip nat outside source static tcp 23 23 clear ip nat translations!! Dynamic port translation with a pool NAT Translations Tuningip nat inside source list 11 pool MyPool overload! ip nat translation tcp-timeout <seconds>! Dynamic translation with interface overloading ip nat translation udp-timeout <seconds>ip nat inside source list 11 interface FastEthernet1 overload ip nat translation max-entries <number> Inside Destination Translation! Create a rotary NAT poolip nat pool LoadBalServers prefix-length 24 type rotary!! Enable load balancing across inside hosts for incoming trafficip nat inside destination list 12 pool LoadBalServersby Jeremy Stretch v1.0