CCIE-Journals

From Student to Engineer, a journey of discovery.

Source NAT using static and pools

Configuring and verifying inside source NAT using static and pools on Cisco routers.

NAT

Network Address Translation (NAT) is a technology used in networking to enable devices on a private network to access the internet. NAT is used to translate private IP addresses to public IP addresses and vice versa. It enables a network to have a single public IP address while all devices on the network use private IP addresses.

 


 

Understanding NAT

NAT (Network Address Translation) is a technique used in computer networking to allow devices on a private network to access the internet using a single public IP address.



To relate this to translation between languages, imagine that you are translating the word "hello" from English to German, and then from German to French. In English the word is "hello," in German it is translated to "hallo," and in French it is translated to "bonjour." Each language has its own word for "hello," just as each device on a private network has its own private IP address.

When a device on a private network wants to access the internet, the NAT device translates the private IP address of the device to the public IP address of the NAT device. This is similar to translating the word "hello" from one language to another. The private IP address is translated to the public IP address, just as "hello" is translated to "hallo" or "bonjour."

For example, let's say you have a home network with several devices connected to it, each with their own private IP address. When one of these devices wants to access the internet, the NAT device on your network translates its private IP address to the public IP address assigned to your home network by your internet service provider. This allows the device to communicate with servers on the internet, just as translating "hello" to "hallo" or "bonjour" allows you to communicate with speakers of those languages.

Topology to Explain NAT

Let's consider a network topology that consists of two routers and a switch. R1 is connected to the internet while R2 is connected to the local network. The topology looks like this:



In this topology, R1 is connected to the internet and has a public IP address of 1.1.1.1/24. R2 is connected to the local network and has a private IP address of 10.1.1.1/24.

Configuring Inside Source NAT using Static

Now, we'll configure inside source NAT using static NAT on R1. Static NAT maps a specific private IP address to a specific public IP address. In this example, we'll map the private IP address of R2 (10.1.1.1) to the public IP address of R1 (1.1.1.1).

On R1, enter the following commands in global configuration mode:

 
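R1(config)# interface GigabitEthernet 0/0
R1(config-if)# ip address 1.1.1.1 255.255.255.0
R1(config-if)# ip nat outside
R1(config-if)# no shutdown
R1(config-if)# exit

R1(config)# ip nat inside source static 10.1.1.1 1.1.1.1

The interface commands configure the IP address of the GigabitEthernet 0/0 interface on R1 and mark it as the NAT outside interface. The ip nat inside source static command maps the private IP address of R2 to the public IP address of R1. For translation to take place, the R1 interface that faces the local network must also be marked with ip nat inside in interface configuration mode.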

Configuring Inside Source NAT using Pools

Next, we'll configure inside source NAT using pools on R1. NAT pools enable multiple private IP addresses to be mapped to a single public IP address.

On R1, enter the following commands in global configuration mode:
 
R1(config)# ip nat pool NATPOOL 1.1.1.2 1.1.1.10 netmask 255.255.255.0
R1(config)# access-list 1 permit 10.1.1.0 0.0.0.255
R1(config)# ip nat inside source list 1 pool NATPOOL


The first command creates a NAT pool named NATPOOL with a range of public IP addresses from 1.1.1.2 to 1.1.1.10. The second command creates an access list that permits traffic from the 10.1.1.0/24 network. The third command enables NAT and maps the private IP addresses in the 10.1.1.0/24 network to the public IP addresses in the NATPOOL.
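
Before checking translations on the router, the configuration text itself can be checked offline. The Python sketch below is an added example, not code from the original post: it scans IOS configuration text for the static and pool statements used above and reports an undefined pool or ACL, or missing ip nat inside / ip nat outside interface markings. Both sample configurations are constructed, and the GigabitEthernet 0/1 interface toward R2 is an assumption.

```python
import re

PROMPT = re.compile(r"^\S+\(config[^)]*\)#\s*")  # e.g. "R1(config-if)# "

def audit_nat(config: str) -> list[str]:
    """Return findings for inside source NAT statements in IOS config text."""
    lines = [PROMPT.sub("", l.strip()) for l in config.splitlines() if l.strip()]
    pools = {m.group(1) for l in lines if (m := re.match(r"ip nat pool (\S+) ", l))}
    # Only numbered ACLs are recognised; named ACLs are out of scope here.
    acls = {m.group(1) for l in lines if (m := re.match(r"access-list (\d+) permit ", l))}
    findings, rules = [], 0
    for l in lines:
        if re.match(r"ip nat inside source static \S+ \S+$", l):
            rules += 1
        elif m := re.match(r"ip nat inside source list (\S+) pool (\S+)", l):
            rules += 1
            if m.group(1) not in acls:
                findings.append(f"ACL {m.group(1)} is not defined")
            if m.group(2) not in pools:
                findings.append(f"pool {m.group(2)} is not defined")
    # NAT only applies to traffic crossing from an inside to an outside interface.
    for side in ("inside", "outside"):
        if rules and f"ip nat {side}" not in lines:
            findings.append(f"no interface is marked 'ip nat {side}'")
    return findings

# Constructed sample: the post's NAT statements with no interface markings.
UNMARKED = """
R1(config)# interface GigabitEthernet 0/0
R1(config-if)# ip address 1.1.1.1 255.255.255.0
R1(config)# ip nat inside source static 10.1.1.1 1.1.1.1
R1(config)# ip nat pool NATPOOL 1.1.1.2 1.1.1.10 netmask 255.255.255.0
R1(config)# access-list 1 permit 10.1.1.0 0.0.0.255
R1(config)# ip nat inside source list 1 pool NATPOOL
"""

# Constructed sample: interface GigabitEthernet 0/1 toward R2 is an assumption.
MARKED = UNMARKED + """
R1(config)# interface GigabitEthernet 0/0
R1(config-if)# ip nat outside
R1(config)# interface GigabitEthernet 0/1
R1(config-if)# ip nat inside
"""

if __name__ == "__main__":
    for name, cfg in (("unmarked", UNMARKED), ("marked", MARKED)):
        print(name, audit_nat(cfg) or "OK")
```

An empty result means the NAT statements are internally consistent; it does not confirm that traffic is actually being translated, which is what the translation table check in the next section is for.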

Verifying Inside Source NAT

To verify that inside source NAT is working, you can ping a public IP address from R2 and then check the NAT translation table on R1.

Verify the NAT configuration:

R1# show ip nat translations

This command displays the active NAT translations on the router.

Congratulations, you have successfully configured Inside Source NAT using a pool of IP addresses!

Conclusion

NAT is an essential component of modern networks that allows private IP addresses to be translated into public IP addresses. In this blog post, we have covered the basics of NAT and how to configure and verify Inside Source NAT using both static and pool methods. We have also explained each component of the NAT configuration and provided a step-by-step example using Cisco routers.

By mastering NAT, you will have a better understanding of how modern networks work and be able to troubleshoot common connectivity issues. Good luck on your networking journey!
