Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1541
Views
0
Helpful
6
Replies

Dynamic Nat with Pat

kamlenegi
Level 1
Level 1

‎02-17-2017 05:28 AM - edited ‎03-08-2019 09:23 AM

Hi All,

Please help in configuring Dynamic NAT with PAT in Cisco ISR router 4431.

Thanks

Kamlesh

Labels:
0 Helpful
6 Replies 6

Julio E. Moisa
VIP
VIP

‎02-17-2017 05:08 PM

Hi

Example:

Interface g0/0
ip address <internal network>
ip nat inside 

interface g0/1
ip address <public network>
ip nat outside

ip access-list standard PRIVATE-NETS
permit 192.168.1.0 0.0.0.255

ip nat inside source list PRIVATE-NETS interface g0/1 overload

ip route 0.0.0.0 0.0.0.0 <Public IP next hop>

** The router must know the internal networks in order to be translated. 

If you have a public range, you could create a pool

ip nat pool TEST 150.X.X.5 150.X.X.7 netmask <subnet mask>

ip nat inside source list PRIVATE-NETS pool TEST overload

Hope it is useful

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

kamlenegi
Level 1
Level 1
In response to Julio E. Moisa

‎02-19-2017 08:39 AM

Hi Julio,

We want dynamic nat with pat configuration in router, for example we have dynamic nat ip pool is 192.168.1.0/24 and source address are 10.1.0.0/23.

Starting hits should be translate from 192.168.1.1 to 192.168.1.253 and rest of the IPs should be PAT with 192.168.1.254.

How we can achieve this configuration.

Thanks

Kamlesh

0 Helpful

Julio E. Moisa
VIP
VIP
In response to kamlenegi

‎02-19-2017 09:06 AM

Hi Kamlesh,

Please correct me if I am understanding wrong.

You already have a dynamic nat using a public pool to get Internet, but you want a PAT working in parallel with the dynamic NAT, but the PAT using the IP 192.168.1.254 as overload, is that correct?

For the PAT you could use:

ip nat pool TEST 192.168.1.254 192.168.1.254 netmask 255.255.255.0
ip nat inside source list PRIVATE-NETS pool TEST overload




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

kamlenegi
Level 1
Level 1
In response to Julio E. Moisa

‎02-19-2017 09:01 PM

Hi,

We want dynamic nat first and then pat if required. We have  500 source IPs and first 253 hits should be one to one mapping and rest will be overload with last ip address 192.168.1.254.

PAT should use when dynamic NAT pool fully utilized.

Thanks

Kamlesh

0 Helpful

Julio E. Moisa
VIP
VIP
In response to kamlenegi

‎02-19-2017 09:23 PM

Hi Kamlesh,

Thank you for the information, PAT could provide the connectivity for the 500 sources without inconveniences. Also you could configure different PATs for specific sources. Is the dynamic NAT used for special request? 




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

kamlenegi
Level 1
Level 1
In response to Julio E. Moisa

‎02-19-2017 09:48 PM

Hi

Thanks, that is ok PAT can translate 65535 address but requirement is after fully utilizing the dynamic pool 192.168.1.1 - 192.168.1.253 then next hit will goes to PAT and use 192.168.1.254.

Thanks

Kamlesh

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card