Configuration Guide Configuring NAT
Use the ip nat { inside | outside } command to configure the interfaces as connected to the inside and outside.
NAT does not work on a data packet unless a route exists between the outside interface and the inside interface and
the data packet meets a certain rule. Therefore, at least one inside interface and one outside interface need to be
configured.
Configuring Static NAT
Static NAT is not configured by default.
Use the ip nat inside source static local-address global-address [ permit-inside ] [ netmask mask ] [ match
interface ] command to configure static one-to-one NAT mapping.
Configuring Dynamic NAT
Dynamic NAT is not configured by default.
Use the ip nat inside source list access-list-number pool address-pool command to configure dynamic NAT
mapping.
10.3.2 NAPT
In general, traditional NAT is one-to-one address mapping, which, however, cannot meet the requirements of all hosts in
intranets to communicate with extranets. For example, when the intranet is in short of global IP addresses or even does
not apply for global IP addresses but has only one global IP address to connect to an Internet Service Provider (ISP) while
a large number of hosts in the intranet need to access the Internet, NAPT is required in this scenario.
Multiple inside local addresses can map to one inside global address using NAPT.
Working Principle
NAPT, also known as multiple-to-one address translation, allows multiple inside addresses to map to one public address.
NAPT maps both IP addresses and port numbers; that is, the source addresses of data packets from different inside
addresses can map to the same public address, but their port numbers are translated into different port numbers of the
public address so that the same address can still be shared. NAPT is translation between "private IP address + Port
number" and "Public IP address + Port number".
Static NAPT
In general, static NAPT is used to map the specified port on a specified host in an intranet to the specified port of a global
address. In comparison, as mentioned previously, static NAT maps an internal host to a global address. Static NAPT is
applicable to intranet hosts that provide the information service. Static NAPT provides a permanent one-to-one "IP
address + Port" mapping relationship.
Dynamic NAPT
Dynamic NAPT is applicable to intranet hosts that only access extranet services but do not provide any information
service. Dynamic NAPT provides a temporary one-to-one "IP address + Port" mapping relationship.
Related Configuration
Configuring NAT Interfaces
By default, no interfaces are NAT interfaces.
To Next Page
Loading...
Need help?
General
