NAT Configuration There are few methods (and commands) that are used to configure NAT.

The main three methods include one for static NAT, one for Dynamic NAT, and one for TCP load sharing. Static NAT Configuration There a few steps that are required when configuring static NAT; the number of the commands depends on whether there will be more than one static translation: 1 2 Enter global configuration mode. command can be used multiple router#configure terminal nat inside source times staticlocal-ip global-ip [overload]

Configure the static NAT translation (this router(config)#ip depending on the number of static translations required). The overload keyword enables the use of PAT.

3 4 5 6 7

Enter interface configuration mode for the router(config)#interface interface-id inside interface. Configure the interface as the inside NAT router(config-if)#ip nat inside interface. Enter interface configuration mode for the router(config-if)#interface interface-id outside interface. Configure the interface as the outside NAT router(config-if)#ip nat outside interface. Exit configuration mode. router(config-if)#end

Static NAT Configuration Example

Dynamic NAT Configuration Dynamic NAT requires a few additional commands over a static configuration as the source of the traffic and the NAT address pool must be configured: 1 2 Enter global configuration mode. router#configure terminal Configure the dynamic NAT address router(config)#ip nat pool pool-name pool. start-ip endip {netmask netmask | prefix-length p 3 refix-length} Configure a static access list to define router(config)#access-list access-listthe addresses to be translated. 4 Configure translation. 5 6 7 8 9 the dynamic number permit source [sourcewildcard] NAT router(config)#ip nat inside source

The overload keyword listaccess-list-number pool pool-

enables the use of PAT. name[overload] Enter interface configuration mode for router(config)#interface interface-id the inside interface. Configure the interface as the inside router(config-if)#ip nat inside NAT interface. Enter interface configuration mode for router(config-if)#interface interface-id the outside interface. Configure the interface as the outside router(config-if)#ip nat outside NAT interface. Exit configuration mode. router(config-if)#end

TCP Load Balancing Configuration The TCP load balancing feature enables the ability to assign a single outside address that is translated into one of a pool of addresses in order to balance the load of traffic over a number of different hosts. The following commands are used to configure TCP load balancing: 1 2 Enter global configuration mode. router#configure terminal

Configure the NAT address pool that contains router(config)#ip nat pool pool-name start-ip the list of real host IP addresses to load end-ip {netmask netmask | prefix-length pref balance to. ix-length} type rotary

Configure a static access list to define the router(config)#access-list access-list-number virtual address that will be used for outside permit source [source-wildcard] communication.

4 5 6 7 8 9

Configure TCP server load balancing.

router(config)#ip nat inside destinationlist access-list-number pool pool-name

Enter interface configuration mode for the router(config)#interface interface-id inside interface. Configure the interface as the inside NAT router(config-if)#ip nat inside interface. Enter interface configuration mode for the router(config-if)#interface interface-id outside interface. Configure the interface as the outside NAT router(config-if)#ip nat outside interface. Exit configuration mode. router(config-if)#end