CCENT 6 S01 E27 – Internet Access with NAT and PAT


Understanding the need for NAT
The Forms of NAT
Configuring NAT using the SDM

Understanding the need for NAT

  • The Internet is just a massive network of networks
  • So many devices connected, we ran out of IPv4 IP addresses
  • NAT (Network Address Translation) allows many devices to share an Internet IP Address

How NAT Works

  • Several devices on Private Network that want to access the Internet, but you only have 1 public IP.
    • .1.50 wants to access a web page.  Source IP:Port = 192.168.1.50:6751
      • NAT converts to Source IP:Port = 200.1.1.1:6751 and stores in the NAT Table
    • .1.51 wants to access a web page.  Source IP:Port = 192.168.1.51:1536
      • NAT converts to Source IP:Port = 200.1.1.1:1536
  • 65,535 Ports available.
    • *IF* two PCs request the same Source Port, the Router will assign an available Port to one of the requests and store the change in the NAT Table.
      • .1.50:6751=200.1.1.1:6751, .1.51:6751=200.1.1.1:4567
      • This type of address translation is commonly called PAT, Port Address Translation, or “NAT Overload”
  • Static NAT (Network Overload) will assign a 1:1 translation if specific traffic needs to go to a specific IP
    • 192.168.1.20 -> 200.1.1.2 (Static IP provided by ISP)
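
The translation table described above, as an added example (not from the original notes and not Cisco IOS code): a small Python model of PAT and Static NAT using the addresses from these notes. The class and method names are hypothetical, and taking the next free port on a collision is an assumption; a real router picks its own replacement port (4567 in the notes).

```python
PUBLIC_IP = "200.1.1.1"  # the single public address used in the notes


class PatTable:
    """Toy NAT table. Simplification: real entries also track protocol and destination."""

    def __init__(self, public_ip=PUBLIC_IP, static=None):
        self.public_ip = public_ip
        self.out = {}    # (inside_ip, inside_port) -> public port
        self.back = {}   # public port -> (inside_ip, inside_port)
        self.static = dict(static or {})  # inside_ip -> public_ip (1:1)
        self.static_back = {pub: ins for ins, pub in self.static.items()}

    def _free_port(self, wanted):
        # Keep the original source port when it is free; otherwise try the
        # next port (assumed search order, not the router's real one).
        port = wanted
        for _ in range(65535):
            if port not in self.back:
                return port
            port = port % 65535 + 1  # wrap around inside 1..65535
        raise RuntimeError("PAT port pool exhausted")

    def outbound(self, src_ip, src_port):
        """Translate an inside source; returns the (ip, port) seen on the Internet."""
        if src_ip in self.static:
            return self.static[src_ip], src_port
        key = (src_ip, src_port)
        if key not in self.out:
            port = self._free_port(src_port)
            self.out[key] = port
            self.back[port] = key
        return self.public_ip, self.out[key]

    def inbound(self, dst_ip, dst_port):
        """Translate a packet arriving from outside; None means no entry, so it is dropped."""
        if dst_ip in self.static_back:
            return self.static_back[dst_ip], dst_port
        if dst_ip == self.public_ip:
            return self.back.get(dst_port)
        return None


if __name__ == "__main__":
    nat = PatTable(static={"192.168.1.20": "200.1.1.2"})
    print(nat.outbound("192.168.1.50", 6751))  # first host keeps its port
    print(nat.outbound("192.168.1.51", 6751))  # same port requested: remapped
    print(nat.inbound("200.1.1.1", 4444))      # no table entry for this port
    print(nat.inbound("200.1.1.2", 80))        # static entry is always reachable
```

With PAT, traffic from outside is only translated back when a matching table entry exists, while the static 1:1 mapping accepts inbound traffic at any time, so the statically mapped host is the one that needs its own inbound filtering.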

Using the SDM

Basic NAT: Same as PAT, or NAT Overload

Advanced NAT: Allows static mappings to allow traffic back into your network

Starting with Basic NAT (Can add Advanced later)

  • Select Interface that connects to the Internet
  • Check all Interfaces you want to share with the Internet connection
  • Done!
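
! ACL 1 selects the inside addresses that are allowed to be translated
r1(config)#access-list 1 remark ACL Category 2
r1(config)#access-list 1 permit 192.168.11.0 0.0.0.255
! fastethernet0/0 is the inside (private) interface
r1(config)#interface fastethernet0/0
r1(config-if)#ip nat inside
r1(config-if)#exit
! fastethernet0/1 connects to the Internet, so it is the outside interface
r1(config)#interface fastethernet0/1
r1(config-if)#ip nat outside
r1(config-if)#exit
! Overload (PAT) every source matching ACL 1 onto the fastethernet0/1 address
r1(config)#ip nat inside source list 1 interface fastethernet0/1 overload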

Show Commands

show ip nat translations