There are acouple of very useful Cisco IOS commands that can be used to do just that.Command show ip nat statisticsdisplays the number of static and dynamic NATtranslations, inside and outside interfaces, and the number of hits and misses.R1#show ip nat statisticsTotal active translations: 1 (1 static, 0 dynamic 0 extended)Outside interfaces:FastEthernet0/1Inside interfaces: 3. Similarly, returnpackets coming in at outside interface Fa0/1 would undergo translation ofdestination IP address.Lets now verify if NAT is actually working as it is supposed to work. More specifically the router would identify which of thesepackets have a source IP address of 192.168.1.2 and would change it to 89.203.12.47before forwarding the packet out the outside interface Fa0/1. Here we go:R1(config)#ip nat inside source static 192.168.1.2 89.203.12.47Here, we are telling the router to perform NAT on packets coming into the router onthe inside interface Fa0/0.
End with CNTL/Z.R1(config)#interface Fa0/0R1(config-if)#ip nat insideR1(config-if)#interface Fa0/1R1(config-if)#ip nat outsideR1(config-if)#endNow we would tell the router how to perform address translation and mention whichIP addresses (source or destination) to re-write in packets moving between the insideand outside interfaces. First, wehave to assign Fa0/0 as NAT inside interface and Fa0/1 as NAT outside interface on R1.This would tell the router that interesting traffic entering or exiting these twointerfaces will be subject to address translation.R1#conf termEnter configuration commands, one per line. The specific IP addressesinvolved are:Table 1 NAT Addresses for Figure AboveNAT Address Type IP AddressInside local 192.168.1.2Inside global 89.203.12.47Outside local 202.14.35.28Outside global 202.14.35.28You probably know very well how to configure IP addresses on router interfaces, sowe skip those configuration steps and move straight to the interesting stuff. interfaces: Fa0/0 on the inside and Fa0/1 on the outside. These addressesare not advertised to the inside.Lets jump right into NAT configuration on a Cisco router as shown in the Figurebelow:R1 is the router performing Network Address Translation (NAT) and has twoĢ. Outside global addresses are assigned to outside devices. Outside local are addresses by which outside devices are known to the inside.4.
Inside global are addresses by which inside devices are known to the outside.3. These addresses are notadvertised to the outside.2. Inside local addresses are assigned to inside devices. A local address is an address that is seen by devices on theinside, and a global address is an address that is seen by devices on the outside.Given these four terms, an address may be one of four types:1. Inaddition to the notion of inside and outside, a Cisco NAT router classifies addressesas either local or global. NAT can be performed both statically and dynamically.Static NAT simply maps one private IP address to a single public IP address, and this isthe flavor of NAT we are discussing in this tutorial.A Cisco router performing NAT divides its universe into the inside and the outside.Typically the inside is a private enterprise, and the outside is the public Internet. NAT ismost commonly performed by routers or firewalls however this tutorial focuses onNAT within Cisco routers. Private IP addresses aredefined in RFC 1918 and are addresses that cannot be used on the Internet.
How to Configure Static NAT on Cisco Routers?Network Address Translation (NAT) is an operation by which source and/ordestination IP addresses within a packet are replaced with different IP addresses.NAT conserves available IP address space by allowing many private IP addresses to berepresented by some smaller number of public IP addresses.