A few questions on NAT

Sep 15th, 2008

I'm currently working with NAT ready for my CCNA next week. I read up on NAT last night but have a few questions.

Let's say you have this scenario.

    interface s0/0
     ip nat outside
     ip address 98.65.12.5 255.255.255.252

    interface Ethernet 0
     ip nat inside
     ip address 192.168.1.1 255.255.255.0

    ip nat inside source list 50 serial 0/0

    access-list 50 permit 192.168.1.0 0.0.0.255

This configuration would only allow one host out at a time that has an IP address that falls within the permit statement, because I have not overloaded it, right?

If somebody on the outside was to ping 98.65.12.5, this would not be translated to an internal address because I haven't created a static NAT entry; the packet would be dropped?

Let's say I add 'ip nat inside source static 192.168.1.4 20 98.65.12.5' and a host from the outside pinged 98.65.12.5: this would be translated and forwarded to 192.168.0.4, and this would also work vice versa?

Last of all,

If I created a pool of addresses, let's say from 200.200.0.1 200.200.0.7 255.255.255.248, and I configured the NAT statement without overload, only 7 connections would be able to get to the internet using the pool of addresses, right? But if I overloaded the NAT statement, each IP address from the pool statement would be able to work with every available port number if needed?

Thanks,

Garry

Marwan ALshawi Tue, 09/16/2008 - 01:37

For your first question, you were right.

For the next question, you were right, but for ping, if you ping the router's external IP and you don't have static NAT, this ping will not be dropped, because you are pinging the router, unless you have an ACL denying it.

For the third question, you were right as well.

For the last question, if you have overload with those 7 IPs in the pool, the pool will be used; once it reaches the last one, it is going to do PAT overloading using ports, as you stated :)

Good luck in your CCNA exam.

If helpful, rate.

grichardson661 Tue, 09/16/2008 - 02:26

Thanks for your reply! Very helpful!

Regarding the pool addresses, the last scenario. Just to clear this up, let's say for simplicity reasons there are a total of 5 ports available for PAT (overload) and I have configured a NAT pool of 7 IPs.

So would the first NAT transactions for the first IP address in the NAT pool go like...

    200.200.0.1:1
    200.200.0.1:2
    200.200.0.1:3
    200.200.0.1:4
    200.200.0.1:5

And then, next IP in the NAT pool...

    200.200.0.2:1
    200.200.0.2:2
    200.200.0.2:3
    200.200.0.2:4
    200.200.0.2:5

And so on...

Thanks,

Garry
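
The pool behaviour discussed in this thread, as an added example that is not part of any poster's message and is not Cisco code: a simplified Python model of a dynamic NAT pool with and without overload. The `NatPool` class, the 5-port range (taken from the simplification in the post above) and the fill-one-address-then-the-next order are assumptions of the model; a real router has a far larger port range per address.

```python
"""Simplified model of a dynamic NAT pool, with and without overload (PAT).
Added illustration only; this is not how Cisco IOS is implemented."""
from ipaddress import ip_address


class NatPool:
    def __init__(self, first, last, overload=False, ports_per_ip=5):
        lo, hi = int(ip_address(first)), int(ip_address(last))
        self.addresses = [str(ip_address(n)) for n in range(lo, hi + 1)]
        self.overload = overload
        self.ports_per_ip = ports_per_ip  # constructed tiny range, as in the thread
        self.table = {}  # inside local key -> (inside global IP, global port)

    def _allocate(self):
        """First free binding, filling one pool address before the next."""
        used = set(self.table.values())
        ports = range(1, self.ports_per_ip + 1) if self.overload else [None]
        for addr in self.addresses:
            for port in ports:
                if (addr, port) not in used:
                    return (addr, port)
        return None

    def translate(self, inside_ip, inside_port):
        """Return (global IP, global port) for an outbound flow, or None."""
        # Without overload the binding is per inside host and ports are kept;
        # with overload every flow gets its own (address, port) pair.
        key = (inside_ip, inside_port) if self.overload else inside_ip
        if key not in self.table:
            binding = self._allocate()
            if binding is None:
                return None  # pool exhausted: no translation can be created
            self.table[key] = binding
        addr, port = self.table[key]
        return (addr, port if self.overload else inside_port)


if __name__ == "__main__":
    plain = NatPool("200.200.0.1", "200.200.0.7")
    for host in range(2, 10):  # eight constructed inside hosts, pool holds seven
        print(f"192.168.1.{host}", "->", plain.translate(f"192.168.1.{host}", 1024))

    pat = NatPool("200.200.0.1", "200.200.0.7", overload=True)
    for i in range(7):  # seven constructed flows from one inside host
        print(f"192.168.1.10:{5000 + i}", "->", pat.translate("192.168.1.10", 5000 + i))
```

In this model the pool without overload is used up by the seventh inside host, while with overload the limit becomes the number of pool addresses multiplied by the ports available on each.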
