NAT Question
Kcolon1
Member Posts: 36 ■■□□□□□□□□
in CCNA & CCENT
Hey, I see all these posts about knowing NAT well for the 640-801 - I tried to look up some NAT information assuming that it's a whole chapter on it, but only found about 3-4 paragraphs. Can someone give me the rundown on NAT and the commands to configure it? The who, what, where, when and why's of NAT? Thanks!!! 
Comments
-
bighornsheep
Member Posts: 1,506
3 or 4 paragraphs? What book are you using?
You can get the NAT chapter originally for Sybex CCNA 5th edition here:
http://www.sybex.com/WileyCDA/SybexTitle/productCd-0782143911,navId-290611,pageCd-resources.htmlJack of all trades, master of none -
Kcolon1
Member Posts: 36 ■■□□□□□□□□
bighornsheep wrote:3 or 4 paragraphs? What book are you using?
You can get the NAT chapter originally for Sybex CCNA 5th edition here:
http://www.sybex.com/WileyCDA/SybexTitle/productCd-0782143911,navId-290611,pageCd-resources.html
Thanks - I have the sybex (Don't know which edition though), but I'm asking if someone can give me the detailed 411 on NAT, thanks. -
dtlokee
Member Posts: 2,378 ■■■■□□□□□□
There's lots to NAT, you can look on Cisco's website for detailed information
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124tcg/tiad_c/nat/index.htm
The basics for the CCNA will include static nat, dynamic nat, and overloaded nat.
Static nat, this will always translate the inside host 192.168.100.50 to 10.1.1.2:interface serial 0/0 ip nat outside ip address 10.1.1.1 255.255.255.248 Interface FastEthernet 0/0 ip nat inside ip address 192.168.100.1 255.255.255.0 ip nat inside source static 192.168.100.50 10.1.1.2
Dynamic NAT, this will translate the inside hosts to a pool of addresses and any source host addresses matching the ACL will be translated:interface serial 0/0 ip nat outside ip address 10.1.1.1 255.255.255.248 Interface FastEthernet 0/0 ip nat inside ip address 192.168.100.1 255.255.255.0 ip nat pool www 10.1.1.2 10.1.1.6 netmask 255.255.255.248 Access-list 1 permit 192.168.100.0 0.0.0.255 ip nat inside source list 1 pool www
The problem with the above example is there are more inside local addresses than outside local addresses, this will lead to some inside host addresses not gettign translated
Overloaded NAT (Port address translation):interface serial 0/0 ip nat outside ip address 10.1.1.1 255.255.255.248 Interface FastEthernet 0/0 ip nat inside ip address 192.168.100.1 255.255.255.0 Access-list 1 permit 192.168.100.0 0.0.0.255 ip nat inside source list 1 interface serial 0/0 overload
This example will translate all of the inside local addresses to the inside global address of the serial 0/0 interface by translating the source IP address and the tcp/udp port information (the overload keyword tells the router to do this)The only easy day was yesterday!