09-15-2008 11:29 PM - edited 03-06-2019 01:24 AM
I'm currently working with NAT ready for my CCNA next week. I read up on NAT last night but have a few questions.
Let's say you have this scenario.
interface s0/0
 ip nat outside
 ip address 98.65.12.5 255.255.255.252
interface Ethernet 0
 ip nat inside
 ip address 192.168.1.1 255.255.255.0
ip nat inside source list 50 serial 0/0
access-list 50 permit 192.168.1.0 0.0.0.255
This configuration would only allow one host out at one time that has an IP address that falls within the permit statement, because I have not overloaded it, right?
If somebody on the outside was to ping 98.65.12.5, this would not be translated to an internal address because I haven't created a static NAT entry, so the packet would be dropped?
Let's say, if I add 'ip nat inside source static 192.168.1.4 20 98.65.12.5' and a host from the outside pinged 98.65.12.5, this would be translated and forwarded to 192.168.0.4, and this would also work vice versa?
Last of all,
If I created a pool of addresses, let's say from 200.200.0.1 200.200.0.7 255.255.255.248, and I configured the NAT statement without overload, only 7 connections would be able to get to the internet using the pool of addresses, right? But if I overloaded the NAT statement, each IP address from the pool statement would be able to work with every available port number if needed?
Thanks,
Garry
09-16-2008 01:37 AM
For your first question, you were right.
For the next question you were right, but for ping, if you ping the router's external IP and you don't have static NAT, this ping will not be dropped because you are pinging the router, unless you have an ACL denying it.
For the third question you were right as well.
For the last question, if you have overload with those 7 IPs in the pool, the pool will be used, and once it reaches the last one it is going to do PAT, overloading using ports as you stated :)
Good luck in your CCNA exam.
If helpful, rate.
09-16-2008 02:26 AM
Thanks for your reply! Very helpful!
Regarding the pool addresses, the last scenario. Just to clear this up, let's say for simplicity's sake there are a total of 5 ports available for PAT (overload) and I have configured a NAT pool of 7 IPs.
So would the first NAT transactions for the first IP address in the NAT pool go like...
200.200.0.1:1
200.200.0.1:2
200.200.0.1:3
200.200.0.1:4
200.200.0.1:5
And then, the next IP in the NAT pool...
200.200.0.2:1
200.200.0.2:2
200.200.0.2:3
200.200.0.2:4
200.200.0.2:5
And so on...
Thanks,
Garry