I think this is another bonus video from Chris Bryant, however extremely valuable to recap some NA basics.
Private non internet routable host is mapped to a routable address on a one to one fixed basis.
- No ACL required
- Inside and Outside interfaces are referenced with ‘ip nat inside’ and ‘ip nat outside’ commands.
- Global command issued to define Static NAT entry: ‘ip nat inside source static’
Private non internet routable host is mapped to a routable address on a dynamic basis from a range of IP addresses, which are specified by a NAT Pool.
- This time an ACL is used to identify the non routable addresses range – INSIDE ADDRESSES
- A NAT Pool is also created with ‘ip nat pool’ command – OUTSIDE ADDRESSES
- Inside and Outside interfaces are referenced with ‘ip nat inside’ and ‘ip nat outside’ commands under respective interfaces.
- Global command will reference the ACL of the private addresses and the NAT Pool
R3(config)#ip nat inside source list 1 pool NATPOOL R3(config)#ip nat pool NATPOOL 184.108.40.206 220.127.116.11 netmask 255.255.255.0
Private non internet routable host is mapped to a routable address AND a dynamic port number. This concept will still use an access list which defines the private addresses to be translated, but this time we set the command to use the physical exit interface with the ‘overload’ command added and the single /32 routable addressed on the outside of the router will be used.
The configuration is very similar to Dynamic NAT, however no POOL is configured or referenced, only the OUTSIDE interface:
R3(config)#interface ethernet0 R3(config-if)#ip nat inside R3(config-if)#interface serial0 R3(config-if)#ip nat outside R3(config-if)#ip nat inside source list 1 interface serial0 overload R3(config)#access-list 1 permit 10.5.5.0 0.0.0.255
RFC 1918 Private Address Space
- Class A: 10.0.0.0/8
- Class B: 172.16.0.0/12
- Class C: 192.168.0.0/16