Showing results for 
Search instead for 
Did you mean: 

Stateful Network address translation


Let's take today about the stateful Nat [ SNAT]

-This is Feature give us translation more than one network address which mean Back up nat to the active failure. 

- Nat is great feature help us to permit the interconnection of private network to reach the Public network.

- SNAT work as active and back up scenario the active handle the traffic require translation ip address from Private to public.

- Back up SNAT is working as duplication all the translation which in the active table and once the active translator is down the back up will handle the translation and will replay to all requests. 

- There is Two phases of the SNAT , phase one was  not supported for the application level, 

Phase two is provide the application level and asymmetric routing [ Encryption method use two Keys to encrypt the plain text secret key is change over the internet] recommend to read one fully article about the asymmetric & symmetric.

-The mapping-id must be the same between them

-Redundancy string must match the standby name.  
Example for the SNAT configuration : 


Interface Gig 0/0/0

Description SNAT

Standby 10 name SNAT-DC

standby 10 ip address

ip nat inside 


interface Gig 0/0/1

Ip nat outside 


IP nat stateful id 10

redundancy SNAT-DC

Mapping-id 90


access-list nat 

10 permit 

Ip nat pool SNAT-POOL prefix-length 24 

Ip nat inside source list nat pool  SNAT-POOL mapping-id 90 overload 


router bgp 6508

bgp router-id

no bgp default  ipv4-unicast

neighbor remote-as 6509

address-family ipv4

network mask



some of commands help for T-shoot 

Show ip snat peer 

show ip snat distributeed  

show ip snat distributed verbose 

show standby


CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards