Blog

Here’s How to Configure Cisco NAT

Here's How to Configure Cisco NAT
13
Sep
When you surf, in particular, the computer must have an IP address that is registered with the ISP. However, public IP addresses are limited and the increasing number of computers using these IPs makes them unable to access the internet. From that case emerged Cisco NAT that can handle the number of IP addresses.
But not only that, there are various functions of Cisco NAT and also various advantages. Therefore, in this article we will discuss various aspects of Cisco NAT.

Definition of NAT

Network Address Translation (NAT) is designed for IP address conservation. This allows private IP networks that use unregistered IP addresses to connect to the Internet. NAT operates on routers, typically connecting two networks together, and translates private (not globally unique) addresses on the internal network into official addresses, before packets are forwarded to other networks.
As part of this capability, NAT can be configured to advertise only one address for the entire network to the outside world. This provides additional security by effectively hiding the entire internal network behind that address. NAT offers the dual function of security and address conservation and is usually implemented in remote access environments.

NAT type

From the understanding of NAT, maybe we can know that Cisco NAT consists of various types. These various types also have different explanations and also their use according to conditions.

Overlapping NAT

Overlapping is a condition when a device on your network is assigned an IP address that is on the same subnet as another device on the Internet or an external network, the result is an overlapping network. This is a common result when two companies merge together.

NAT Statistics

Static NAT maps network traffic from a static external IP address to an internal or network IP address. This creates a static translation from the original address to the mapped address. Static NAT provides internet connectivity to network devices over a private LAN with an unregistered private IP address.

Dynamic NAT

Unlike static NAT, where you have to manually define a static mapping between private and public addresses, dynamic NAT does the mapping of local addresses to global addresses dynamically. This means that the router dynamically retrieves an address from a global address pool that is not currently assigned. Dynamic entries remain in the NAT translation table as long as traffic is exchanged. Entry times out after a period of inactivity and global IP addresses can be used for new translations.

Overburdening NAT

NAT Overload is the most common NAT method used in all internet-connected networks. This is because of how it works and the limitations it can overcome. When you use a router, firewall, Internet sharing capability or any third party program that allows all the computers in your home to connect to the internet through one connection, that’s when you use NAT Overload.

Functions of NAT

When talking about what the function of NAT is, maybe all of this will focus on safety and on conservation. What is IP conservation? The IP address identifies each device connected to the internet. Existing IP version 4 (IPv4) uses 32-bit numbered IP addresses, which allows for 4 billion possible IP addresses, which seemed more than enough when it was launched in the 1970s. However, the internet has gone global and many people use it, and while not all 7 billion people on the planet access the internet regularly, those who do often have multiple connected devices: mobile phones, personal desktops, work laptops, tablets, TVs, even homeware today. Many use the internet to realize the dream of a smart home. Therefore, the number of devices accessing the internet far exceeds the number of available IP addresses. Routing all these devices over a single connection using NAT helps consolidate multiple private IP addresses into one public IP address. This helps keep more public IP addresses available even as private IP addresses proliferate.

How NAT Works

Actually the workings of Cisco NAT is quite easy. Let’s say there is a laptop connected to the home router. A person uses a laptop to find directions to his favorite restaurant. The laptop sends this request in a packet to the router, which forwards it to the web. But first, the router changes the outgoing IP address from a private local address to a public address. If the packet holds a private address, the receiving server will not know where to send the information back – this is similar to sending a physical letter and requesting a return service but providing an anonymous return address. Using NAT, information is returned to the laptop using the router’s public address, not the laptop’s private address.

How to Configure Cisco NAT

Okay, now we will discuss how to configure NAT Cisco using a Cisco router. The Cisco router used for this tutorial is the Cisco 3640. You could say this is just an example and indeed this example is a very basic configuration method.

Router Configuration

The method is as follows:

  1. FastEthernet1 (f0/0) with IP 192.168.1.0. This interface is connected to the network to be NAT
  2. Serial 0/0/0 with IP 200.200.200.1. This interface is connected to the internet. Enter privileged config mode t

Router# configure terminal

Router(config)# interface fa0/0 (IP Private)

Router(config-if)# ip add 192.168.0.1 255.255.255.0

 

Router(config)# interface s0/0/0 (IP Public)

Router(config-if)# ip add 200.200.200.1 255.255.255.0

The interface must be connected to the network to be NAT.

Configure the access list for later use in the NAT process

HQ(config)# access-list 1 permit 192.168.1.0 0.0.0.255

Configure the router to NAT all packets from IP Private 192.168.1.0 to IP Public 200.200.200.2 – 6

HQ(config)# ip nat pool INTERNET 200.200.200.2 200.200.200.6 netmask 255.255.255.248

HQ(config)# ip nat inside source list 1 pool INTERNET overload

Next, just select the interface that is directly connected to NAT, and define the network on this network as the network that will be NAT.

HQ(config)# int f0/0

HQ(config)# ip nat inside

HQ(config)# ip s0/0/0

HQ(config)# ip nat outside

Configuration complete. Checks whether the host on the 192.168.1.0 network can connect to the virtual world. Also check the NAT configuration on the router with the show ip nat translation instructions.

Router1#sh ip nat statistics

Total translations: 1 (1 static, 0 dynamic, 0 extended)

Outside Interfaces: FastEthernet0/1

Inside Interfaces: FastEthernet0/0

Hits: 10  Misses: 36

Expired translations: 19

Dynamic mappings:

Router1#sh ip nat translations

Pro  Inside global     Inside local       Outside local      Outside global

—  12.12.12.12       10.10.10.2         —

Verification

Router1#sh ip route

Gateway of last resort is 12.12.12.2 to network 0.0.0.0

 

     10.0.0.0/24 is subnetted, 1 subnets

C       10.10.10.0 is directly connected, FastEthernet0/0

     12.0.0.0/24 is subnetted, 1 subnets

C       12.12.12.0 is directly connected, FastEthernet0/1

S*   0.0.0.0/0 [1/0] via 12.12.12.2

Want to Know More How to Configure Cisco NAT?

That was how to configure Cisco NAT. Indeed, if done in a coherent way, if there are those who still do not understand about the network, it will be difficult. This difficulty can be overcome by relying on NetData as a consultant for Cisco NAT configuration matters and can also do it directly on your network. You can find various other information on the NetData website.

Loading

Leave a Reply

Your email address will not be published. Required fields are marked *

Semua operasional PT. Network Data Sistem akan menggunakan domain nds.id per tanggal 8 Mei 2019. Semua informasi/promosi dalam bentuk apapun selain menggunakan domain nds.id bukan tanggung jawab PT. Network Data Sistem Dismiss