Configuring Dynamic NAT

Nov 27, 2008 by alperen

Dynamic NAT is used to map inside local IP addresses to inside global IP addresses on the fly
from a pool of available IP addresses. Again, you must have IP addresses assigned to the interfaces
on the router that will be participating in the NAT process in order for IP processing on
those interfaces to occur.
The dynamic NAT configuration starts in global configuration mode. In our example network,
we will use one interface connected to the inside network (Ethernet0) and one interface
connected to the Internet (Serial0). When a host on the inside of the network wants to communicate
with a host on the Internet, the NAT border router receives a packet from an interface
marked as NAT inside. The outbound interface is marked as NAT outside, and so the router
will choose an available IP address from the pool and assign it to the NAT table entry. Once an
IP address is allocated, it cannot be allocated to another translation entry until that entry times
out or is manually removed.

When traffic goes from inside to outside, NAT translations happen after routing has taken
place. Therefore, any access lists or policy routing will have been applied before the NAT translation
happens. An access list will need to be created to inform the NAT process what traffic will
be translated and what traffic will not. The next step is to configure a pool of IP addresses that
will be allocated to outbound sessions. This is done with the ip nat pool command. The syntax
of this command is as follows:
ip nat pool pool-name start-ip end-ip netmask net-mask
or
ip nat pool pool-name start-ip end-ip prefix-length length
The pool-name is any unique string that identifies this address pool. The start-ip and
end-ip are the starting and ending IP addresses within the pool. The net-mask is the network
mask in dotted-decimal format that will be used with the addresses in the pool. Optionally, you
can use the prefix-length keyword followed by the length of the CIDR prefix instead of
using a network mask. Finally, you need to tie the access list and pool together with the ip nat
inside source command. The following is the syntax of this command:
ip nat inside source list acc-list pool pool-name
The acc-list is the number or name of the access list you created that specifies the traffic
to NAT, and the pool-name is the unique string used when you created the pool of IP addresses.
The following is an example of configuring dynamic NAT using a pool:
Border(config)#interface ethernet0
Border(config-if)#ip nat inside
Border(config-if)#interface serial0
Border(config-if)#ip nat outside
Border(config-if)#exit
Border(config)#access-list 12 permit 10.1.2.0 0.0.0.255
Border(config)#ip nat pool OUTBOUND 200.1.1.2 200.1.1.254 prefix-length 24
Border(config)#ip nat inside source list 12 pool OUTBOUND
Border(config)#
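
The allocation behaviour described above, modelled in Python as an added example (not code from the original article and not Cisco's implementation). It uses the article's access list 12 and pool OUTBOUND, which hold 253 addresses for a 254-host subnet, and shows a host being refused once every pool address is bound and served again after an entry times out. Assumptions: the class and function names are hypothetical, the 3600-second timeout is a constructed value, and the lowest free address is handed out first.

```python
import ipaddress

class PoolExhausted(Exception):
    """No free inside global address is left in the pool."""

class DynamicNat:
    """Simplified model of one-to-one dynamic NAT (no overloading)."""

    def __init__(self, acl_net, acl_wildcard, start_ip, end_ip, timeout):
        ip = ipaddress.IPv4Address
        # Wildcard mask: 0 bits must match the ACL address, 1 bits are ignored.
        self.care = ~int(ip(acl_wildcard)) & 0xFFFFFFFF
        self.acl_net = int(ip(acl_net)) & self.care
        self.free = [ip(a) for a in range(int(ip(start_ip)), int(ip(end_ip)) + 1)]
        self.timeout = timeout   # idle seconds before an entry is removed (constructed value)
        self.table = {}          # inside local -> (inside global, last-used time)

    def permitted(self, src):
        return (int(src) & self.care) == self.acl_net

    def expire(self, now):
        """Return timed-out entries' addresses to the pool."""
        for src, (glob, used) in list(self.table.items()):
            if now - used >= self.timeout:
                del self.table[src]
                self.free.append(glob)
        self.free.sort()

    def translate(self, src, now):
        """Return the inside global address for src, or None if the ACL does not match."""
        src = ipaddress.IPv4Address(src)
        if not self.permitted(src):
            return None
        self.expire(now)
        if src in self.table:
            glob = self.table[src][0]
        elif self.free:
            glob = self.free.pop(0)   # assumption: lowest free address first
        else:
            raise PoolExhausted(f"no address left for {src}")
        self.table[src] = (glob, now)
        return glob

def border_router(timeout=3600):
    """The article's example: access-list 12 and pool OUTBOUND."""
    return DynamicNat("10.1.2.0", "0.0.0.255", "200.1.1.2", "200.1.1.254", timeout)
```

On the router itself, show ip nat translations and show ip nat statistics display the current bindings and pool usage.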
