cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1746
Views
0
Helpful
5
Replies

NAT Configuration

Ahmed Malik
Level 1
Level 1

So i been studying NAT configuration and i do know that there is Static NAT and Dynamic AT. But when it comes to configuring NAT on a router this is where i get confused.

Below you will see the image i am using for NAT configuration..

And here are the commands i have been studying for NAT configuration.

Router>enable

Router#configure terminal

Router(config)#interface fastethernet0/1

Router(config-if)#ip address 172.16.1.1 255.255.255.0

Router(config-if)#ip nat inside

Router(config-if)#exit

Router(config)#interface fastethernet0/0

Router(config-if)#ip address 10.1.6.199 255.255.252.0

Router(config-if)#ip nat outside

Router(config-if)#exit

Now after this, the next part i don't understand especially where prefix and access list commands are involved

Router(config)#ip nat pool no-overload 10.1.6.100 10.1.6.198 prefix 22

Router(config)#ip nat inside source list 10 pool no-overload

Router(config)#access-list 10 permit 172.16.0.0 0.0.0.254

Router(config)#exit

So if anyone can help me out here please.

Regards,

Ahmed

5 Replies 5

shehinpm1
Level 1
Level 1

Hi Ahmed,

u will have to put this command to make it working "ip nat inside source list 10 pool no-overload overload

to translate u r 172.16.0.0 private subnet to that perticular pool of ips.

Ok, but what i dont understand is that, what does prefix 22 mean? does it always have to be Prefix 22 or it can be prefix 24 or any other number and can you tell me what do "source list 10" and "access-list 10" stand for?

Hi Ahmed

Make the prefix same as the subnet mask of the outside interface

Example if the masknof the outside interface is 255.255.255.0 then the prefix has to be 24

And I am not sure about yor LAN subnet but ibthink your acl 10 wildcard

Is wrong

Make is 0.0.0.255 if the LAN is /24

HTH

If helpful rate

HI Ahmed,

i hope u got the concepts of subnet mask and prefix-length from the above post,

here are some more information

in case of class a 10.10.10.1 255.0.0.0 the prefix length will be /8,if u r doing 8 bit subneting with class a it will be

10.10.10.1 255.255.0.0 prefix will be /16.

suppose if u got the public ip pool 91.224.2.16/28,  mask 255.255.255.240

in nat configuration it will be "ip nat pool no-overload 91.224.2.17 91.224.2.30 prefix-length 28"

Hi,

To do nat overload you can define your public ip you want to nat to with a 1 IP pool:

-ip nat pool overload_pool 172.16.1.1 172.16.1.1 prefix-length 24 or

-ip nat pool overload_pool 172.16.1.1 172.16.1.1 255.255.255.0

then ip nat inside source list 10 overload_pool overload

or you can use the IP address of your public facing interface

ip nat inside source list 10 interface x/x  note: no need to specify overload because in this case IOS will add it in the running

the prefix notation is a shorter way of specifying subnet mask

source list 10 references the ACL 10 which specifies which addresses should be natted

Regards.

Alain.

Don't forget to rate helpful posts.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: