1
packetlife.net by Jeremy Stretch v1.0 NETWORK ADDRESS TRANSLATION interface FastEthernet0 ip address 10.0.0.1 255.255.0.0 ip nat inside ! interface FastEthernet1 ip address 174.143.212.1 255.255.252.0 ip nat outside ! One line per static translation ip nat inside source static 10.0.0.19 192.0.2.1 ip nat inside source static 10.0.1.47 192.0.2.2 ip nat outside source static 174.143.212.133 10.0.0.47 ip nat outside source static 174.143.213.240 10.0.2.181 FastEthernet0 10.0.0.1/16 NAT Inside FastEthernet1 174.143.212.1/22 NAT Outside NAT Boundary Configuration Static Source Translation Dynamic Source Translation ! Create an access list to match inside local addresses access-list 10 permit 10.0.0.0 0.0.255.255 ! ! Create NAT pool of inside global addresses ip nat pool MyPool 192.0.2.1 192.0.2.254 prefix-length 24 ! ! Combine them with a translation rule ip nat inside source list 10 pool MyPool ! ! Dynamic translations can be combined with static entries ip nat inside source static 10.0.0.42 192.0.2.42 ! Static layer four port translations ip nat inside source static tcp 10.0.0.3 8080 192.0.2.1 80 ip nat inside source static udp 10.0.0.14 53 192.0.2.2 53 ip nat outside source static tcp 174.143.212.4 23 10.0.0.8 23 ! ! Dynamic port translation with a pool ip nat inside source list 11 pool MyPool overload ! ! Dynamic translation with interface overloading ip nat inside source list 11 interface FastEthernet1 overload Port Address Translation (PAT) ! Create a rotary NAT pool ip nat pool LoadBalServers 10.0.99.200 10.0.99.203 prefix-length 24 type rotary ! ! Enable load balancing across inside hosts for incoming traffic ip nat inside destination list 12 pool LoadBalServers Inside Destination Translation Perspective Location Local Global Inside Outside Inside Local Inside Global Outside Local Outside Global Address Classification Inside Local An actual address assigned to an inside host An inside address seen from the outside Inside Global Outside Global An actual address assigned to an outside host An outside address seen from the inside Outside Local Troubleshooting show ip nat translations [verbose] show ip nat statistics clear ip nat translations Special NAT Pool Types Rotary Used for load balancing Preserves the host portion of the address after translation Match- Host Example Topology Terminology NAT Pool A pool of IP addresses to be used as inside global or outside local addresses in translations Extendable Translation The extendable keyword must be appended when multiple overlapping static translations are configured Port Address Translation (PAT) An extension to NAT that translates information at layer four and above, such as TCP and UDP port numbers; dynamic PAT configurations include the overload keyword ip nat translation tcp-timeout <seconds> ip nat translation udp-timeout <seconds> ip nat translation max-entries <number> NAT Translations Tuning

Nat

Embed Size (px)

DESCRIPTION

nat

Citation preview

Page 1: Nat

packetlife.net

by Jeremy Stretch v1.0

NETWORK ADDRESS TRANSLATION

interface FastEthernet0ip address 10.0.0.1 255.255.0.0ip nat inside!interface FastEthernet1ip address 174.143.212.1 255.255.252.0ip nat outside

! One line per static translationip nat inside source static 10.0.0.19 192.0.2.1ip nat inside source static 10.0.1.47 192.0.2.2ip nat outside source static 174.143.212.133 10.0.0.47ip nat outside source static 174.143.213.240 10.0.2.181

FastEthernet0

10.0.0.1/16

NAT Inside

FastEthernet1

174.143.212.1/22

NAT Outside

NAT Boundary Configuration

Static Source Translation

Dynamic Source Translation

! Create an access list to match inside local addressesaccess-list 10 permit 10.0.0.0 0.0.255.255!! Create NAT pool of inside global addressesip nat pool MyPool 192.0.2.1 192.0.2.254 prefix-length 24!! Combine them with a translation ruleip nat inside source list 10 pool MyPool!! Dynamic translations can be combined with static entriesip nat inside source static 10.0.0.42 192.0.2.42

! Static layer four port translationsip nat inside source static tcp 10.0.0.3 8080 192.0.2.1 80ip nat inside source static udp 10.0.0.14 53 192.0.2.2 53ip nat outside source static tcp 174.143.212.4 23 10.0.0.8 23!! Dynamic port translation with a poolip nat inside source list 11 pool MyPool overload!! Dynamic translation with interface overloadingip nat inside source list 11 interface FastEthernet1 overload

Port Address Translation (PAT)

! Create a rotary NAT poolip nat pool LoadBalServers 10.0.99.200 10.0.99.203 prefix-length 24 type rotary!! Enable load balancing across inside hosts for incoming trafficip nat inside destination list 12 pool LoadBalServers

Inside Destination Translation

Perspective

Location

Local Global

Inside

Outside

Inside Local Inside Global

Outside Local Outside Global

Address Classification

Inside LocalAn actual address assigned to an inside host

An inside address seen from the outside

Inside Global

Outside GlobalAn actual address assigned to an outside host

An outside address seen from the inside

Outside Local

Troubleshooting

show ip nat translations [verbose]

show ip nat statistics

clear ip nat translations

Special NAT Pool Types

Rotary Used for load balancing

Preserves the host portion of the address after translation

Match-Host

Example Topology

Terminology

NAT PoolA pool of IP addresses to be used as inside global or outside local addresses in translations

Extendable TranslationThe extendable keyword must be appended when multiple overlapping static translations are

configured

Port Address Translation (PAT)An extension to NAT that translates information at layer four and above, such as TCP and UDP port numbers; dynamic PAT configurations include the overload keyword

ip nat translation tcp-timeout <seconds>ip nat translation udp-timeout <seconds>ip nat translation max-entries <number>

NAT Translations Tuning

Stateless Deterministic NAT (SD-NAT)

Stateless Deterministic NAT (SD-NAT)

Documents
 · CERDISACERDISA Stonemix Anthracite 60x60 Nat. Rett.. White 60x120 Nat. Rett. 60x60 Nat. Rett. 8 9

 · CERDISACERDISA Stonemix Anthracite 60x60 Nat. Rett.. White 60x120 Nat. Rett. 60x60 Nat. Rett. 8 9

Documents
Nat Turner

Nat Turner

Education
Network Address Translation (NAT) - Cisco · NetworkAddressTranslation(NAT) ThefollowingtopicsexplainNetworkAddressTranslation(NAT)andhowtoconfigureit. •WhyUseNAT?,onpage1 •NATBasics,onpage2

Network Address Translation (NAT) - Cisco · NetworkAddressTranslation(NAT) ThefollowingtopicsexplainNetworkAddressTranslation(NAT)andhowtoconfigureit. •WhyUseNAT?,onpage1 •NATBasics,onpage2

Documents
Configure AnyConnect VPN Client on FTD: Hairpining and NAT ...€¦ · NAT Exemption and Hairpining Step 1. NAT Exemption Configuration The NAT exemption is a preferred translation

Configure AnyConnect VPN Client on FTD: Hairpining and NAT ...€¦ · NAT Exemption and Hairpining Step 1. NAT Exemption Configuration The NAT exemption is a preferred translation

Documents
Implementing NAT-PT for IPv6 · Information About Implementing NAT-PT for IPv6 Users can configure NAT-PT using one of the following operations--static NAT-PT, dynamic NAT-PT, Port

Implementing NAT-PT for IPv6 · Information About Implementing NAT-PT for IPv6 Users can configure NAT-PT using one of the following operations--static NAT-PT, dynamic NAT-PT, Port

Documents
Application of Separation Minima and NAT Documents/NAT Documents/NAT... · Minima, Lateral non-intersecting and NAT Table of Separation Minima, Longitudinal Distance Based related

Application of Separation Minima and NAT Documents/NAT Documents/NAT... · Minima, Lateral non-intersecting and NAT Table of Separation Minima, Longitudinal Distance Based related

Documents
1 Chapter 7: NAT in Internet and Intranet Designs Designs That Include NAT Essential NAT Design Concepts Data Protection in NAT Designs NAT Design Optimization

1 Chapter 7: NAT in Internet and Intranet Designs Designs That Include NAT Essential NAT Design Concepts Data Protection in NAT Designs NAT Design Optimization

Documents
NAT & NAT Class 11 J Hutchinson

NAT & NAT Class 11 J Hutchinson

Documents
PRODUCT GUIDE ToGo! Foodservice Packaging · = Product Item# NAT-F344RAF NAT-F505RAVF NAT-F608RAVF NAT-E883RAVF NAT-F113RAVF NAT-F505RAVTWF NAT-F542RAVMWF NAT-F608RAVTWF NAT-F663RAVTWF

PRODUCT GUIDE ToGo! Foodservice Packaging · = Product Item# NAT-F344RAF NAT-F505RAVF NAT-F608RAVF NAT-E883RAVF NAT-F113RAVF NAT-F505RAVTWF NAT-F542RAVMWF NAT-F608RAVTWF NAT-F663RAVTWF

Documents
NAT & NAT Class 4 E Gellner

NAT & NAT Class 4 E Gellner

Documents
Einführung in NAT - Willkommen bei Connect Deutschland ... · Einführung in NAT Network Address ... • Port Address Translation (PAT) is an extension of NAT. ... IP nat inside

Einführung in NAT - Willkommen bei Connect Deutschland ... · Einführung in NAT Network Address ... • Port Address Translation (PAT) is an extension of NAT. ... IP nat inside

Documents
Needs Assessment Tool (NAT) Webinar. Training Agenda Welcome Background of the Needs Assessment Tool (NAT) Introduction to the NAT What’s New? NAT Review

Needs Assessment Tool (NAT) Webinar. Training Agenda Welcome Background of the Needs Assessment Tool (NAT) Introduction to the NAT What’s New? NAT Review

Documents
Aramco ExPats€¦ · Kennecott Copper Lee Rubber Liggett & Wrers Montgomery Ward Motorola Nash Kelvinator Nat. Biscuit Nat. Cash Register Nat. Dai Nat. Stei{ Nat Sugar NY tentral

Aramco ExPats€¦ · Kennecott Copper Lee Rubber Liggett & Wrers Montgomery Ward Motorola Nash Kelvinator Nat. Biscuit Nat. Cash Register Nat. Dai Nat. Stei{ Nat Sugar NY tentral

Documents
BAUGI SUNSTONE - EnergieKer · 30,2x30,2 . 12”x12” Decori - decors - decors - Dekore BAUGI NAT. 12,04 FREYA NAT. 12,04 ALOF NAT. 12,04 LOKI NAT. 12,04 GROA NAT. 12,04 NORNE NAT

BAUGI SUNSTONE - EnergieKer · 30,2x30,2 . 12”x12” Decori - decors - decors - Dekore BAUGI NAT. 12,04 FREYA NAT. 12,04 ALOF NAT. 12,04 LOKI NAT. 12,04 GROA NAT. 12,04 NORNE NAT

Documents
2010.pdfNIWFA 2010 Christmas Cobra Fencing Open women rs saber Unrated Sunday, December 05, cl ub Hunter college Hunter College 2010 - 9:00 AM Div NAT NAT NAT NAT NAT NAT NAT NAT NAT

2010.pdfNIWFA 2010 Christmas Cobra Fencing Open women rs saber Unrated Sunday, December 05, cl ub Hunter college Hunter College 2010 - 9:00 AM Div NAT NAT NAT NAT NAT NAT NAT NAT NAT

Documents
Configuring Network Address Translationwhp-hou9.cold.extweb.hp.com/...Adv-C06-NAT-Nov2006.pdfConfiguring Network Address Translation Configuring NAT Configuring NAT Configuring NAT

Configuring Network Address Translationwhp-hou9.cold.extweb.hp.com/...Adv-C06-NAT-Nov2006.pdfConfiguring Network Address Translation Configuring NAT Configuring NAT Configuring NAT

Documents
未命名 -1 Halal.pdf12.3 124 NAT NAT- NAT- 129 NAT- -132 NAT NAT- 133 -134 NAT NAT- 135 NAT. 137 NAT. NA NAT- 139 140 NAT. 141 142 NAT- NAT- 143 NAT- NAT 147 NAT- This certificate

未命名 -1 Halal.pdf12.3 124 NAT NAT- NAT- 129 NAT- -132 NAT NAT- 133 -134 NAT NAT- 135 NAT. 137 NAT. NA NAT- 139 140 NAT. 141 142 NAT- NAT- 143 NAT- NAT 147 NAT- This certificate

Documents
NAT-MCH Users Manual · NAT-MCH – User’s Manual

NAT-MCH Users Manual · NAT-MCH – User’s Manual

Documents
NAT and NAT Traversal

NAT and NAT Traversal

Documents
SIP, NAT, Firewall SIP NAT Firewall How to Traversal NAT/Firewall for SIP

SIP, NAT, Firewall SIP NAT Firewall How to Traversal NAT/Firewall for SIP

Documents
type - LAMP | EPFLlampamin/dot/twelf.pdfexp nat exp exp (app) exp nat exp (sel) tpe (top) tpe (bot) nat tpe tpe tpe (arrow) nat tpe tpe tpe (rect) nat tpe tpe (recv) exp nat tpe (tsel)

type - LAMP | EPFLlampamin/dot/twelf.pdfexp nat exp exp (app) exp nat exp (sel) tpe (top) tpe (bot) nat tpe tpe tpe (arrow) nat tpe tpe tpe (rect) nat tpe tpe (recv) exp nat tpe (tsel)

Documents
NAT-PT for IPv6 · NAT-PTforIPv6 NAT—PTisanIPv6-to-IPv4translationmechanism,asdefinedinRFC2765andRFC2766,thatallows IPv6-onlydevicestocommunicatewithIPv4-onlydevicesandviceversa

NAT-PT for IPv6 · NAT-PTforIPv6 NAT—PTisanIPv6-to-IPv4translationmechanism,asdefinedinRFC2765andRFC2766,thatallows IPv6-onlydevicestocommunicatewithIPv4-onlydevicesandviceversa

Documents
Tabelle /Table - portailbatiment.fr poesia nat. >40 ant. >40 out2 >40 prestigio soft >40 lucido npd lapp. npd tenax nat. >40 trail nat. >40 velvet ground nat. >40 voyager nat >40 wood2

Tabelle /Table - portailbatiment.fr poesia nat. >40 ant. >40 out2 >40 prestigio soft >40 lucido npd lapp. npd tenax nat. >40 trail nat. >40 velvet ground nat. >40 voyager nat >40 wood2

Documents
cenere - Emilgroup · 2020. 9. 9. · E2UL Cenere Opaco Nat. Rett. E90Y Terra Opaco Nat. Rett. E2UN Grigio Opaco Nat. Rett. E2UK Crema Opaco Nat. Rett. E2UP Nero Opaco Nat. Rett

cenere - Emilgroup · 2020. 9. 9. · E2UL Cenere Opaco Nat. Rett. E90Y Terra Opaco Nat. Rett. E2UN Grigio Opaco Nat. Rett. E2UK Crema Opaco Nat. Rett. E2UP Nero Opaco Nat. Rett

Documents
NAT Traversal in SIP - StarTrinitystartrinity.com/VoIP/Resources/sip26.pdf · NAT Traversal in SIP. NAT Traversal in SIP ... Network Address Translation (NAT) ... NAT, and the proxy

NAT Traversal in SIP - StarTrinitystartrinity.com/VoIP/Resources/sip26.pdf · NAT Traversal in SIP. NAT Traversal in SIP ... Network Address Translation (NAT) ... NAT, and the proxy

Documents
NAT & VPN Adressübersetzung und Tunnelingarchive.cone.informatik.uni-freiburg.de/lehre/proseminar/.../15-NAT... · Seminararbeit NAT & VPN 1 NAT 1.1 Was ist NAT und wo kommt es zur

NAT & VPN Adressübersetzung und Tunnelingarchive.cone.informatik.uni-freiburg.de/lehre/proseminar/.../15-NAT... · Seminararbeit NAT & VPN 1 NAT 1.1 Was ist NAT und wo kommt es zur

Documents
Angostura Resource Management Plan - usbr.gov file- Remove Fence along park boundary. LUM 1.2, LUM 1.3, LUM 1.4, LUM 1.5 NAT 1.2, NAT 1.9, NAT 1.10, NAT 1.11, NAT 1.12, NAT 1.13 REC

Angostura Resource Management Plan - usbr.gov file- Remove Fence along park boundary. LUM 1.2, LUM 1.3, LUM 1.4, LUM 1.5 NAT 1.2, NAT 1.9, NAT 1.10, NAT 1.11, NAT 1.12, NAT 1.13 REC

Documents
Nat doc007 edition 2013 with bkmrks nat mnps

Nat doc007 edition 2013 with bkmrks nat mnps

Career
Chapter 8210.70.254.122/chingyu/RoutingProt-Ch8.pdf · 5Dynamic NAT with overload Network Address Translation ... Configuring Static NAT Configure NAT ... Router(config)# ip nat pool

Chapter 8210.70.254.122/chingyu/RoutingProt-Ch8.pdf · 5Dynamic NAT with overload Network Address Translation ... Configuring Static NAT Configure NAT ... Router(config)# ip nat pool

Documents