NAT Question

NightShade03NightShade03 Member Posts: 1,383 ■■■■■■■□□□
in CCNA & CCENT
Ok I seem to have some confusion over the terms that they explain with NAT. I understand how NAT works and use it at home for port mapping and redirection and such. The book says:

Inside / Local -> essentially your local LAN address
Inside / Global -> your public IP address
Outside / Global -> any standard internet IP address
Outside / Local -> I have no clue

Seems the last part is whats throwing me off. Any advice?
Modular Learning - Learn Something New

SE Notebook
· Share on FacebookShare on Twitter

Comments

  • APAAPA Member Posts: 959
    Outside - Local = Any address you wish your inside clients to use which you will then map to the Outside -Global address (the real live IP)

    Think of a situation where you want to hide a DMZ server address or an external server address from your internal clients... Hence you control this via your outside nat's

    Thus - inside clients will only utilize the Outside-Local addres, they should never use the real address as identified by the Outside-Global address.

    Another situation would be where a clash of IP addressing happens and you need to translate the real outside address (Outside-Global) to something your inside hosts can use to bypass IP addressing\routing conflicts...(Outside-Local).

    Hope this helps :)
    CCNA | CCNA:Security | CCNP | CCIP
    JNCIA:JUNOS | JNCIA:EX | JNCIS:ENT | JNCIS:SEC
    JNCIS:SP | JNCIP:SP
    · Share on FacebookShare on Twitter
  • NightShade03NightShade03 Member Posts: 1,383 ■■■■■■■□□□
    Now why couldn't the book just explain it that way icon_wink.gif The example definitely makes things most clear. Thank you for the example.
    Modular Learning - Learn Something New

    SE Notebook
    · Share on FacebookShare on Twitter
  • mattrgeemattrgee Member Posts: 201
    I always thought of it as:

    Inside / Local -> my lan address
    Inside / Global -> my public addres
    Outside / Global -> their public address
    Outside / Local -> their lan address
    · Share on FacebookShare on Twitter
  • networker050184networker050184 Mod Posts: 11,962 Mod
    The easiest way to learn IMO is to set it up and do a "sho ip nat trans"
    1811_TEST_ROUTER#ping 4.4.4.4 source 10.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1 
.....
Success rate is 0 percent (0/5)
1811_TEST_ROUTER#sho ip nat trans
Pro Inside global      Inside local       Outside local      Outside global
icmp 10.5.5.5:36    10.1.1.1:36        4.4.4.4:36         4.4.4.4:36
1811_TEST_ROUTER#
    An expert is a man who has made all the mistakes which can be made.
    · Share on FacebookShare on Twitter
  • blackninjablackninja Member Posts: 385
    networker050184 wrote: »
    The easiest way to learn IMO is to set it up and do a "sho ip nat trans"
    1811_TEST_ROUTER#ping 4.4.4.4 source 10.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1 
.....
Success rate is 0 percent (0/5)
1811_TEST_ROUTER#sho ip nat trans
Pro Inside global      Inside local       Outside local      Outside global
icmp 10.5.5.5:36    10.1.1.1:36        4.4.4.4:36         4.4.4.4:36
1811_TEST_ROUTER#


    The exact way I came to understand it :)
    Currently studying:
    CCIE R&S - using INE workbooks & videos

    Currently reading:
    Everything. Twice ;)
    · Share on FacebookShare on Twitter
Sign In or Register to comment.