Configuring IP Addressing

Configuring Network Address Translation

Host 1.1.1.1 receives the packet and continues the conversation. The router performs Steps 2 through 5 for each packet.

Configuring Static Translation

To configure static inside source address translation, use the following commands in global configuration mode:

 

Command

Purpose

Step 1

 

 

Router(config)# ip nat inside source static local-ip

Establishes static translation between an inside local

 

global-ip

address and an inside global address.

Step 2

 

 

Router(config)# interface type number

Specifies the inside interface and enters interface

 

 

configuration mode.

Step 3

 

 

Router(config-if)# ip nat inside

Marks the interface as connected to the inside.

Step 4

 

 

Router(config)# interface type number

Specifies the outside interface and enters interface

 

 

configuration mode.

Step 5

 

 

Router(config-if)# ip nat outside

Marks the interface as connected to the outside.

 

 

 

The previous steps are the minimum you must configure. You could also configure multiple inside and outside interfaces.

Configuring Dynamic Translation with an Access List

To configure dynamic inside source address translation with an access list, use the following commands in global configuration mode:

 

Command

 

Purpose

Step 1

 

 

 

Router(config)# ip

nat pool name start-ip end-ip

Defines a pool of global addresses to be allocated as

 

{netmask netmask

prefix-length prefix-length}

needed.

Step 2

 

 

Router(config)# access-listaccess-list-number

Defines a standard access list permitting those

 

permit source [source-wildcard]

addresses that are to be translated.

Step 3

 

 

 

Router(config)# ip

nat inside source list

Establishes dynamic source translation, specifying

 

access-list-number

pool name

the access list defined in the prior step.

Step 4

 

 

Router(config)# interface type number

Specifies the inside interface and enters interface

 

 

 

configuration mode.

Step 5

 

 

 

Router(config-if)#

ip nat inside

Marks the interface as connected to the inside.

Step 6

 

 

Router(config)# interface type number

Specifies the outside interface and enters interface

 

 

 

configuration mode.

Step 7

 

 

 

Router(config-if)#

ip nat outside

Marks the interface as connected to the outside.

 

 

 

 

Note The access list must permit only those addresses that are to be translated. (Remember that there is an implicit “deny all” at the end of each access list.) An access list that is too permissive can lead to unpredictable results.

Cisco IOS IP Configuration Guide

IPC-38

Page 83 Page 85
Page 84
Image 84
Cisco Systems 78-11741-02 Configuring Static Translation, Configuring Dynamic Translation with an Access List, IPC-38
Page 83 Page 85
Top Page Image Contents