Nat and Pat configuration :
________________________________________
Follow us on Facebook
Follow us on Google+
________________________________________
1. Set the automatic translation of addresses:
Router(config)#ip nat inside source static ip local ip global
2. Declare the internal interface:
Router(config-if)#ip nat inside
3. Represent the external interface:
Router(config-if)#ip nat outside
Router(config)#ip nat translation timeout time_out seconds *
* la valeur par défaut est 24H
Router(config)#ip nat inside source static ip local ip global
2. Declare the internal interface:
Router(config-if)#ip nat inside
3. Represent the external interface:
Router(config-if)#ip nat outside
Exemple :
Router(config)#ip nat inside source static 10.1.1.2 179.19.32.16
Router(config)#interface e0
Router(config-if)#ip nat inside
Router(config-if)#interface s0
Router(config-if)#ip nat outside
Router(config)#interface e0
Router(config-if)#ip nat inside
Router(config-if)#interface s0
Router(config-if)#ip nat outside
2. NAT dynamique :
1. Define the address pool:
Router(config)#ip nat pool name ip début ip fin netmask mask
2. Define a standard access-list that indicate which addresses should be translated:
Router(config)#access-list numéro permit source wildcard
3. Establish dynamic source translation, specifying the access-list:
Router(config)#ip nat inside source list numéro pool name
4. Declare the internal interface:
Router(config-if)#ip nat inside
5. Represent the external interface:
Router(config-if)#ip nat outside
Router(config)#ip nat pool name ip début ip fin netmask mask
2. Define a standard access-list that indicate which addresses should be translated:
Router(config)#access-list numéro permit source wildcard
3. Establish dynamic source translation, specifying the access-list:
Router(config)#ip nat inside source list numéro pool name
4. Declare the internal interface:
Router(config-if)#ip nat inside
5. Represent the external interface:
Router(config-if)#ip nat outside
Exemple :
Router(config)#ip nat pool my-internet 179.9.8.17 179.9.8.30 netmask
255.255.255.0
Router(config)#access-list 1 permit 10.0.0.0 0.255.255.255
Router(config)#ip nat inside source list 1 pool my-internet
Router(config)#interface e0
Router(config-if)#ip nat inside
Router(config-if)#interface s0
Router(config-if)#ip nat outside
255.255.255.0
Router(config)#access-list 1 permit 10.0.0.0 0.255.255.255
Router(config)#ip nat inside source list 1 pool my-internet
Router(config)#interface e0
Router(config-if)#ip nat inside
Router(config-if)#interface s0
Router(config-if)#ip nat outside
3. Overload ( PAT ) with a single global address :
1. Define a standard access-list to determine which addresses should be translated:
Router(config)#access-list numéro permit source wildcard
2. Establish dynamic source translation, specifying the access-list:
Router(config)#ip nat inside source list numéro interface interface overload
3. Declare the internal interface:
Router(config-if)#ip nat inside
4. Represent the external interface:
Router(config-if)#ip nat outside
Router(config)#access-list numéro permit source wildcard
2. Establish dynamic source translation, specifying the access-list:
Router(config)#ip nat inside source list numéro interface interface overload
3. Declare the internal interface:
Router(config-if)#ip nat inside
4. Represent the external interface:
Router(config-if)#ip nat outside
Exemple :
Router(config)#access-list 1 permit 10.0.0.0 0.255.255.255
Router(config)#ip nat inside source list 1 interface s0 overload
Router(config)#interface e0
Router(config-if)#ip nat inside
Router(config-if)#interface s0
Router(config-if)#ip nat outside
Router(config)#ip nat inside source list 1 interface s0 overload
Router(config)#interface e0
Router(config-if)#ip nat inside
Router(config-if)#interface s0
Router(config-if)#ip nat outside
4. Overload ( PAT ) with a pool of public addresses :
1. Define a standard access-list to determine which addresses should be translated:
Router(config)#access-list numéro permit source wildcard
2. Or define the address pool:
Router(config)#ip nat pool name ip début ip fin netmask mask
3. Establish dynamic source translation, specifying the access-list:
Router(config)#ip nat inside source list numéro pool name overload
4. Represent the internal interface:
Router(config-if)#ip nat inside
5. Represent the external interface:
Router(config-if)#ip nat outside
Router(config)#access-list numéro permit source wildcard
2. Or define the address pool:
Router(config)#ip nat pool name ip début ip fin netmask mask
3. Establish dynamic source translation, specifying the access-list:
Router(config)#ip nat inside source list numéro pool name overload
4. Represent the internal interface:
Router(config-if)#ip nat inside
5. Represent the external interface:
Router(config-if)#ip nat outside
Exemple :
Router(config)#access-list 1 permit 10.0.0.0 0.255.255.255
Router(config)#ip nat pool my-internet 179.9.8.17 179.9.8.30 netmask
255.255.255.0
Router(config)#ip nat inside source list 1 pool my-internet overload
Router(config)#interface e0
Router(config-if)#ip nat inside
Router(config-if)#interface s0
Router(config-if)#ip nat outside
5. Configurer la durée de validité d’une traduction :Router(config)#ip nat pool my-internet 179.9.8.17 179.9.8.30 netmask
255.255.255.0
Router(config)#ip nat inside source list 1 pool my-internet overload
Router(config)#interface e0
Router(config-if)#ip nat inside
Router(config-if)#interface s0
Router(config-if)#ip nat outside
Router(config)#ip nat translation timeout time_out seconds *
* la valeur par défaut est 24H
6. Checking NAT configuration and Pat :
To view the NAT configuration:
Router#show run
To delete all dynamic entries from the NAT table:
Router#clear ip nat translation *
To delete a dynamic entry in the NAT table:
Router#clear ip nat translation inside global-ip local-ip [ ouside local-ip
global-ip ]
[ ] = optionnel
To delete a dynamic input range of the NAT table:
Router#clear ip nat translation protocol inside global-ip global- port local- ip
local- port [ ouside local- ip local-port global-ip global-port ]
Pour voir les translations NAT actives :
Router#show ip nat translations [ verbose ]
L’option verbose donne plus de détail.
Pour voir les statistiques de traduction :
Router#show ip nat statistics
Router#show run
To delete all dynamic entries from the NAT table:
Router#clear ip nat translation *
To delete a dynamic entry in the NAT table:
Router#clear ip nat translation inside global-ip local-ip [ ouside local-ip
global-ip ]
[ ] = optionnel
To delete a dynamic input range of the NAT table:
Router#clear ip nat translation protocol inside global-ip global- port local- ip
local- port [ ouside local- ip local-port global-ip global-port ]
Pour voir les translations NAT actives :
Router#show ip nat translations [ verbose ]
L’option verbose donne plus de détail.
Pour voir les statistiques de traduction :
Router#show ip nat statistics
7. Troubleshooting NAT and PAT :
Based on the show run command to examine the configuration and determine what
what does this configuration.
Verify that the translation is done with the following commands:
Router#show ip nat translations [ verbose ]
Router#show ip nat statistics
Router#debug ip nat [ detailed ]
what does this configuration.
Verify that the translation is done with the following commands:
Router#show ip nat translations [ verbose ]
Router#show ip nat statistics
Router#debug ip nat [ detailed ]
