Simple Cisco NAT Concepts – Nat Overload —

Hey howdy. Yeah another one of these.. This is sort of a quick Natting guide for Cisco Routers.

In the Cisco world you have 3 basic types of NAT, Static, Dynamic and Overload. Obviously these are more for me than you πŸ˜€ and you should look to cisco for documentation.

Nat Overload – this you are familiar with, and the concept is easy, if you are given a small or a single public IP and you want to use NAT to allow access to the public internet from your local IPs that are not public addresses, you can generally accomplish this with NAT Overload.

To accomplish this we start with identifying which interface is “inside” and which is “outside” on our router.

Here is my diagram I made:


The blue on the left is the “inside” (int gi0/0) and the right is considered “outside” (int gi0/1) and our router0 is considered your gateway to the internet. The other Router in play here is merely to simulate the internet. I’ve placed a webserver behind it, and that server is also running DNS.

On Router 0 we need to configure the interfaces as Inside or Outside.

WORKRTR#conf t
WORKRTR(config)#int gi 0/0
WORKRTR(config-if)#ip nat inside
WORKRTR(config)#int gi 0/1
WORKRTR(config-if)#ip natΒ outside

Now we need to create a Standard Access List to specify which IP ranges we want to allow from the “inside”.

WORKRTR(config)#ip access-list standard INSIDE_NAT_ADDRESSES

We now use that access list with the following command to start the process.

WORKRTR(config)#ip nat inside source list INSIDE_NAT_ADDRESSES interface GigabitEthernet0/1 overload

We can check our work from the router

WORKRTR#sho ip nat translations
Pro Inside global Inside local Outside local Outside global

And one of the PC’s

Pinging with 32 bytes of data:
Reply from bytes=32 time=0ms TTL=126
Reply from bytes=32 time=0ms TTL=126
Reply from bytes=32 time=0ms TTL=126
Reply from bytes=32 time=0ms TTL=126

Categorised as: Cisco | Geeking Out

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.