NAT question

Unanswered Question
Aug 7th, 2007
User Badges:

i know you implement overloading like this:

>ip nat inside source list 1 interface serial0/0 overload


my question is: when people use

>ip nat outside source list 1 interface...

?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Edison Ortiz Tue, 08/07/2007 - 10:38
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

ip nat outside is used when you want to translate the address coming from the outside network into the inside network.


Usually, you only translate ip addresses from your internal network since they are private addresses and devices in the internet have no reachability to them.


So for instance, 192.168.1.1 -> 64.210.210.1 as it exits the router to the internet. That's what the ip nat inside does.


Now, the ip nat outside will be something like


192.168.1.1 <- 64.210.210.1


The address will be translated to an internal address.


To the internal network, they won't be connecting to 64.210.210.1 but to 192.168.1.1 when they need resources from that device in the internet.


HTH,


milkdroogy Tue, 08/07/2007 - 10:50
User Badges:

Does someone use this(the outside conversion...)

? and for what purpose?

sanyaolu Tue, 08/07/2007 - 12:12
User Badges:

Yes, Infact i used it for my company's client "B".


The reason for using this is My company is a large organisation and we have a dedicated Link between My company and our client B. Client B has Private RFC 1918 IP addresses which is not routable in my company. Hence, my company translate the Client Private IP address to a routable IP in my company.


This is one example where you do IP NAT OUTSIDE ........


Adeolu

Edison Ortiz Tue, 08/07/2007 - 12:25
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

The times I've seen ip nat outside is when translating ip addresses from remote connections that may overlap your network.


For instance, after a merger between 2 companies , IP addresses may overlap and you may want to have the control on what ip addressing scheme is used on incoming packets rather than relying on the remote network engineer to do the translation for you as it exits his/her network.

Actions

This Discussion