How to Configure the NAT in Cisco Router Step by Step?
Hi there, Welcome back with another quick article! In this article, I would like to explain NAT(Network Address Translation) and
and configure the NAT in the cisco router steps to set up NAT in the Cisco router.
What is NAT?
In simple terms, NAT is a technique of mapping one IP address space to another IP address space(private or public). NAT is developed due to the depletion of IPv4 address space.
What is Public & Private IP space?
There are specific IP blocks allocated as public and private IP spaces.
Private IP Address Ranges:
10.0.0.0/8
172.16.0.0/12
192.168.0.0/24
IP addresses except the above ranges are defined as public IP ranges. The public IP range is not enough to address all devices on the internet. IPv4 is the first IP protocol and early in the days that address space is enough to address all the devices. But nowadays, with the rapid development of IoT devices, IPv4 public range is not enough to address them all. That’s why we use a technique called “NAT”. Let’s continue with cisco terms about NATs.
Cisco defined term about NAT
- Inside Local IP: The IP address assigned to the host in the local network.
- Inside Global IP: IP address assigned by the ISP that represents one or more internal hosts.
- Outside Local IP: IP address of the outside host that appears to the internal host.
- Outside Global IP: IP address assigned to the host in the outside network. The address assigned from public IP space.
What are NAT Types?
There are three types of NAT techniques as follows.
- Static NAT
- Dynamic NAT
- Port Address Translation
Lets talk one by one for better understanding.
1.Static NAT
Static NAT is used to map an inside local IP to another Inside global IP. In simply, this is one to one mapping. This method is used, when we need to access our internal network devices from outside networks. The best example is the server in the internal network.
How to configure static NAT in the Cisco router?
The following command is used to add a static NAT into the Cisco router.
ip nat inside source static <inside-local-IP> <inside-global-ip>
Suppose we have a server in our internal network and we need to access it from outside network. But the server has a private IP address and that cannot route through the internet. For this type of situation, we can implement a static NAT.
Example:
Internal Server IP: 192.168.1.10
Public IP from ISP: 112.65.10.20
ip nat inside source static 192.168.1.10 112.65.10.20
After configuring any type of NAT, we need to specify which interface is inside the network and which interface is outside. To do this use following commands.
For inside interface (gig 0/0)
interface gig 0/0
ip nat inside
For Outside interface (gig 0/1)
interface gig 0/1
ip nat outside
2. Dynamic NAT
Dynamic NAT is many to many mapping between IP address spaces. In this type NAT, there are many of inside global IPs and local IPs. NAT table is used to save which IP is mapped to which one. To configure Dynamic NAT refer the following code lines.
Mainly there are 3 things to configure this type of NAT.
- Create an access list
- Create NAT Pool
- Bind NAT pool and Access List
1.Create Access List
To filter which IPs are able to translate through the NAT, we configure an access list. Suppose we need to accept only hosts in 192.168.1.0/24 network. ACL configurations as follows.
access-list 10 permit 192.168.1.0 0.0.0.255
2. Create NAT Pool
To map inside local IP to Global IP, we need to have sufficient inside the global IP pool. Suppose we have 10 IPs in 20.0.0.0/24 public IP block. To configure this pool, use the following code lines.
ip nat pool NATPOOL 20.0.0.1 20.0.0.10 netmask 255.255.255.0
3. Bind NAT pool and Access List
After configuring access list and NAT pool, we need to bind them together.
ip nat inside source list 10 pool NATPOOL
That’s all for Dynamic NAT. For any type of NAT configuration, we need to specify which interface is inside and which interface is outside.
3. Port Address Translation
This is the commonly using NAT type in anywhere. With this type of NAT we can use one inside global ip to map 65,536 of inside local IPs(theoretically).
The process of configuring PAT is the same as the dynamic NAT. Cisco refers to this type of NAT as overloading. Use the following codes to configure PAT in the Cisco router.
Access List for filer the IPs
access-list 10 permit 192.168.1.0 0.0.0.255
Suppose we have assigned an IP from ISP to gig 0/0 interface (Outside interface). So, use the following command.
ip nat inside source list 10 interface gig 0/0
After this command, We need to specify inside and outside interfaces to router.
That’s all about NAT and Its functions! If you have any question, leave a comment below.
Way cool! Some very valid points! I appreciate you penning this article and also the rest of the website is really good. Moses Pake