- NAT Terminology.
- NAT Principles of Operations.
- NAT Overloading Addresses.
- Knowledge of ACLs.
- Completed Lab 1-1.
- Completed Lab 1-2.
- Completed Lab 2-1.
- Completed Lab 2-2 Static NAT.
- Completed Lab 2-2 Dynamic NAT.
Connecting a LAN to the Internet requires a little thought as there are few ways of doing it. Here we are going to explore three of them:
- Static NAT (one-to-one translation)
- Dynamic NAT (many-to-many translation)
- Dynamic NAT Overload or PAT (many-to-one translation)
Task 1: Defining static IP addresses and setting a static default route.
Task 2: Configure NAT.
Task 3: Configure PAT.
Port Address Translation
Both, Dynamic NAT and PAT (Port Address Translation) are not used to allow users on the Internet to access local resources. They are designed to allow local users using private address scope to communicate on the Internet.
PAT is arguably the most popular way of connecting private network to the Internet. Before we do that let's clean up our previous lab configuration first:
On Branch Router:
Branch(config)#no ip nat inside source list 1 pool PUBLIC
Branch(config)#no ip nat pool PUBLIC 220.127.116.11 18.104.22.168 netmask 255.255.255.224
Now we're good to go with PAT configuration.
Since all is already configured except for nat command let's add it (line in blue)
ip address 10.1.1.1 255.255.255.0
ip nat inside
ip address 22.214.171.124 255.255.255.224
ip nat outside
ip nat inside source list 1 interface FastEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 126.96.36.199
ip flow-export version 9
access-list 1 permit 10.1.1.0 0.0.0.255
The advantage of this NAT method is that all your router needs to have is one public IP Address configured on the interface facing the Internet. Ports used by communication at layer 4 will be used as distinguishing elements to allow router keep the track of the existing sessions.