- NAT Terminology.
- NAT Principles of Operations.
- NAT Overloading Addresses.
- Knowledge of ACLs.
- Completed Lab 1-1.
- Completed Lab 1-2.
- Completed Lab 2-1.
- Completed Lab 2-2 Static NAT.
- Completed Lab 2-2 Dynamic NAT.
Topology Diagram
Connecting a LAN to the Internet requires a little thought as there are few ways of doing it. Here we are going to explore three of them:
- Static NAT (one-to-one translation)
- Dynamic NAT (many-to-many translation)
- Dynamic NAT Overload or PAT (many-to-one translation)
Task 1: Defining static IP addresses and setting a static default route.
Task 2: Configure NAT.
Task 3: Configure PAT.
Port Address Translation
(NAT Overload)
(NAT Overload)
Solution
Both, Dynamic NAT and PAT (Port Address Translation) are not used to allow users on the Internet to access local resources. They are designed to allow local users using private address scope to communicate on the Internet.
PAT is arguably the most popular way of connecting private network to the Internet. Before we do that let's clean up our previous lab configuration first:
On Branch Router:
Branch(config)#no ip nat inside source list 1 pool PUBLIC
Branch(config)#no ip nat pool PUBLIC 209.165.201.3 209.165.201.10 netmask 255.255.255.224
Branch(config)#
Now we're good to go with PAT configuration.
Since all is already configured except for nat command let's add it (line in blue)
ip address 10.1.1.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 209.165.201.1 255.255.255.224
ip nat outside
duplex auto
speed auto
!
ip nat inside source list 1 interface FastEthernet0/1 overload
!
ip route 0.0.0.0 0.0.0.0 209.165.201.2
!
ip flow-export version 9
!
!
access-list 1 permit 10.1.1.0 0.0.0.255
!
The advantage of this NAT method is that all your router needs to have is one public IP Address configured on the interface facing the Internet. Ports used by communication at layer 4 will be used as distinguishing elements to allow router keep the track of the existing sessions.