Yang Mungkin Kamu Cari
Definition of NAT
NAT type
From the understanding of NAT, maybe we can know that Cisco NAT consists of various types. These various types also have different explanations and also their use according to conditions.
Overlapping NAT
Overlapping is a condition when a device on your network is assigned an IP address that is on the same subnet as another device on the Internet or an external network, the result is an overlapping network. This is a common result when two companies merge together.
NAT Statistics
Static NAT maps network traffic from a static external IP address to an internal or network IP address. This creates a static translation from the original address to the mapped address. Static NAT provides internet connectivity to network devices over a private LAN with an unregistered private IP address.
Dynamic NAT
Unlike static NAT, where you have to manually define a static mapping between private and public addresses, dynamic NAT does the mapping of local addresses to global addresses dynamically. This means that the router dynamically retrieves an address from a global address pool that is not currently assigned. Dynamic entries remain in the NAT translation table as long as traffic is exchanged. Entry times out after a period of inactivity and global IP addresses can be used for new translations.
Overburdening NAT
NAT Overload is the most common NAT method used in all internet-connected networks. This is because of how it works and the limitations it can overcome. When you use a router, firewall, Internet sharing capability or any third party program that allows all the computers in your home to connect to the internet through one connection, that’s when you use NAT Overload.
Functions of NAT
When talking about what the function of NAT is, maybe all of this will focus on safety and on conservation. What is IP conservation? The IP address identifies each device connected to the internet. Existing IP version 4 (IPv4) uses 32-bit numbered IP addresses, which allows for 4 billion possible IP addresses, which seemed more than enough when it was launched in the 1970s. However, the internet has gone global and many people use it, and while not all 7 billion people on the planet access the internet regularly, those who do often have multiple connected devices: mobile phones, personal desktops, work laptops, tablets, TVs, even homeware today. Many use the internet to realize the dream of a smart home. Therefore, the number of devices accessing the internet far exceeds the number of available IP addresses. Routing all these devices over a single connection using NAT helps consolidate multiple private IP addresses into one public IP address. This helps keep more public IP addresses available even as private IP addresses proliferate.
How NAT Works
Actually the workings of Cisco NAT is quite easy. Let’s say there is a laptop connected to the home router. A person uses a laptop to find directions to his favorite restaurant. The laptop sends this request in a packet to the router, which forwards it to the web. But first, the router changes the outgoing IP address from a private local address to a public address. If the packet holds a private address, the receiving server will not know where to send the information back – this is similar to sending a physical letter and requesting a return service but providing an anonymous return address. Using NAT, information is returned to the laptop using the router’s public address, not the laptop’s private address.
How to Configure Cisco NAT
Okay, now we will discuss how to configure NAT Cisco using a Cisco router. The Cisco router used for this tutorial is the Cisco 3640. You could say this is just an example and indeed this example is a very basic configuration method.
Router Configuration
The method is as follows:
- FastEthernet1 (f0/0) with IP 192.168.1.0. This interface is connected to the network to be NAT
- Serial 0/0/0 with IP 200.200.200.1. This interface is connected to the internet. Enter privileged config mode t
Router# configure terminal
Router(config)# interface fa0/0 (IP Private)
Router(config-if)# ip add 192.168.0.1 255.255.255.0
Router(config)# interface s0/0/0 (IP Public)
Router(config-if)# ip add 200.200.200.1 255.255.255.0
The interface must be connected to the network to be NAT.
Configure the access list for later use in the NAT process
HQ(config)# access-list 1 permit 192.168.1.0 0.0.0.255
Configure the router to NAT all packets from IP Private 192.168.1.0 to IP Public 200.200.200.2 – 6
HQ(config)# ip nat pool INTERNET 200.200.200.2 200.200.200.6 netmask 255.255.255.248
HQ(config)# ip nat inside source list 1 pool INTERNET overload
Next, just select the interface that is directly connected to NAT, and define the network on this network as the network that will be NAT.
HQ(config)# int f0/0
HQ(config)# ip nat inside
HQ(config)# ip s0/0/0
HQ(config)# ip nat outside
Configuration complete. Checks whether the host on the 192.168.1.0 network can connect to the virtual world. Also check the NAT configuration on the router with the show ip nat translation instructions.
Router1#sh ip nat statistics
Total translations: 1 (1 static, 0 dynamic, 0 extended)
Outside Interfaces: FastEthernet0/1
Inside Interfaces: FastEthernet0/0
Hits: 10 Misses: 36
Expired translations: 19
Dynamic mappings:
Router1#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
— 12.12.12.12 10.10.10.2 —
Verification
Router1#sh ip route
Gateway of last resort is 12.12.12.2 to network 0.0.0.0
10.0.0.0/24 is subnetted, 1 subnets
C 10.10.10.0 is directly connected, FastEthernet0/0
12.0.0.0/24 is subnetted, 1 subnets
C 12.12.12.0 is directly connected, FastEthernet0/1
S* 0.0.0.0/0 [1/0] via 12.12.12.2
Want to Know More How to Configure Cisco NAT?
That was how to configure Cisco NAT. Indeed, if done in a coherent way, if there are those who still do not understand about the network, it will be difficult. This difficulty can be overcome by relying on NetData as a consultant for Cisco NAT configuration matters and can also do it directly on your network. You can find various other information on the NetData website.