Network Abode Translation (NAT)
Dynamic NAT Configuration
Table 8.4 lists the commands you’ll charge to actualize activating NAT:
Dynamic NAT agency we accept a basin of addresses that we will use to accommodate absolute IP
addresses to a accumulation of users on the inside. We do not use anchorage numbers, so we charge to have
real IP addresses for every user aggravating to get alfresco the bounded network.
Here is a sample achievement of a activating NAT configuration:
ip nat basin todd 170.168.2.2 170.168.2.254
netmask 255.255.255.0
ip nat central antecedent account 1 basin todd
!
interface Ethernet0
ip abode 10.1.1.10 255.255.255.0
ip nat inside
!
interface Serial0
ip abode 170.168.2.1 255.255.255.0
ip nat outside
!
access-list 1 admittance 10.1.1.0 0.0.0.255
!
TABLE 8 . 4
Dynamic NAT Commands
Command Meaning
ip nat pool
pool_name starting_ address
ending_address mask
Creates a basin of central all-around addresses for
the central bounded hosts to use
ip nat central antecedent list
list_number
pool
pool_name
Sets the central bounded hosts that bout the
access-list cardinal to use the basin of
addresses configured by the
ip nat pool
command
ip nat inside
Sets the central bounded interface
ip nat ouside
Sets the central all-around interface
access-list
list_number
permit
network
inverse_mask
Creates an admission account that permits the inside
local hosts to use the all-around basin of addresses
The
ip nat inside source list 1 pool todd
command tells the router to translate
IP addresses that match
access-list 1
to an address found in the IP NAT pool named
todd
.
The access list in this case is not being used to permit or deny traffic as we would use it for security
reasons to filter traffic. It is being used in this case to select or designate what we often call
“interesting” traffic. When interesting traffic has been matched with the access list, it is pulled
into the NAT process to be translated. This is a common use for access lists; they don’t always
have the dull job of just blocking traffic at an interface.
The
ip nat pool todd 170.168.2.2 192.168.2.254
command creates a pool of
addresses that will be distributed to those hosts that require NAT.