🌐
CCNA Prep
  • Intro
  • Network Devices
  • Interfaces and Cables
  • OSI Model & TCP/IP Suite
  • Intro to the CLI
  • Ethernet LAN Switching (Part 1)
  • Ethernet LAN Switching (Part 2)
  • IPv4 Addressing (Part 1)
  • IPv4 Addressing (Part 2)
  • Switch Interfaces
  • IPv4 Header
  • Routing Fundamentals
  • The Life of a Packet
  • Subnetting (Part 1)
  • Subnetting (Part 2)
  • Subnetting (Part 3 - VLSM)
  • VLANs (Part 1)
  • VLANs (Part 2)
  • VLANs (Part 3)
  • DTP/VTP
  • Spanning Tree Protocol (Part 1)
  • Spanning Tree Protocol (Part 2)
  • Rapid Spanning Tree Protocol
  • EtherChannel
  • Dynamic Routing
  • RIP & EIGRP
  • OSPF (Part 1)
  • OSPF (Part 2)
  • OSPF (Part 3)
  • First Hop Redundancy Protocols
  • TCP & UDP
  • IPv6 (Part 1)
  • IPv6 (Part 2)
  • IPv6 (Part 3)
  • Standard ACLs
  • Extended ACLs
  • CDP & LLDP
  • NTP
  • DNS
  • DHCP
  • SNMP
  • Syslog
  • SSH
  • FTP & TFTP
  • NAT (Part 1)
  • NAT (part 2)
  • QoS (Part 1)
  • QoS (Part 2)
  • Security Fundamentals
  • Port Security
  • DHCP Snooping
  • Dynamic ARP Inspection
  • LAN Architectures
  • WAN Architectures
  • Virtualization & Cloud, Containers, VRF
  • Wireless Fundamentals
  • Wireless Architectures
  • Wireless Security
  • Wireless Configuration
  • Network Automation
  • JSON, XML, & YAML
  • REST APIs
  • Software-Defined Networking
  • Ansible, Puppet, & Chef
Powered by GitBook
On this page

NAT (Part 1)

Day 44

PreviousFTP & TFTPNextNAT (part 2)

Last updated 1 year ago

RFC 1918 specifies the following IPv4 address ranges as private:

  • 10.0.0.0/8 (10.0.0.0 to 10.255.255.255)

  • 172.16.0.0/12 (172.16.0.0 - 172.31.255.255)

  • 192.168.0.0/16 (192.168.0.0 - 192.168.255.255)

Private IP addresses can't be used over the internet.

NAT (Network Address Translation) is used to modify the source and/or the destination IP addresses of packets. One of the reasons to use NAT is to allow hosts with private addresses to communicate with other hosts over the internet.

Static NAT

Static NAT involves statically configuring one-to-one mappings of private IP addresses to public IP addresses. It allows devices with private addresses to communicate over the internet. However, it doesn't help to preserve IP addresses. An inside local IP address is mapped to an inside global IP address.

  • An inside local address is the IP address of the inside host from the perspective of the local network - the IP address actually configured on the interface (usually a private address).

  • An inside global address is the IP address of the inside host from the perspective of outside hosts - the IP address of the inside host after NAT (usually a public address).

  • An outside local address is the IP address of the outside host from the perspective of the local network.

  • An outside global address is the IP address of the outside host from the perspective of the outside network.

Configuration

To configure static NAT on Cisco IOS:

  1. Define the inside and outside interfaces and from the interface config mode enter the command ip nat followed by inside - for the internal network, outside - for the external network.

  2. Configure the one-to-one IP address mappings - ip nat inside source static followed by the inside local and the inside global IP addresses.

To view the active NAT translations, use the command show ip nat translations. To clear the NAT translation table, use the command clear ip nat translation *. This deletes all entries for dynamic NAT translations. Static NAT entries remain the same. To view the NAT statistics, enter the command show ip nat statistics.

8KB
Day 44 Flashcards - NAT (Part 1).apkg
71KB
Day 44 Lab - Static NAT.pkt
Summary
nat demo
summary