Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
257
Views
5
Helpful
2
Replies

A few questions on NAT

grichardson661
Level 1
Level 1

‎09-15-2008 11:29 PM - edited ‎03-06-2019 01:24 AM

I'm currently working with NAT ready for my CCNA next week. I read up on NAT last night but have a few questions.

Lets say you have this scenario.

interface s0/0

ip nat outside

ip address 98.65.12.5 255.255.255.252

interface Ethernet 0

ip nat inside

ip address 192.168.1.1 255.255.255.0

ip nat inside source list 50 serial 0/0

access-list 50 permit 192.168.1.0 0.0.0.255

This configuration would only allow one host out at a one time that has an IP address that falls within the permit statement and because I have not overloaded it right?

If somebody on the outside was to ping 98.65.12.5, this would not be translated to an internal address because I haven't created static NAT entry, the packet would be dropped?

Lets say, if I add 'ip nat inside source static 192.168.1.4 20 98.65.12.5' and a host from the outside pinged 98.65.12.5, this would be translated and forwarded to 192.168.0.4 and this would also work vice versa?

Last of all,

If I created a pool of address, let's say from 200.200.0.1 200.200.0.7 255.255.255.248 and I configured the NAT statement with OUT overload, only 7 connections would be able get to the internet right using the pool of addresses, but if I overloaded the NAT statement, each IP address from the pool statement would be able to work with every available port number if needed?

Thanks,

Garry

Labels:
0 Helpful
2 Replies 2

Marwan ALshawi
VIP Alumni
VIP Alumni

‎09-16-2008 01:37 AM

for ur first question u were right

for next question u were right but for ping if u ping the router external ip and u dont have static nat this ping wil not droped because u pinging the router unless u have an ACL deny it

for third question u were right as well

for last question if u have overload with those 7 IPs in the pool the pool will be used once it reach the last one it gonna make PATing ovelroading using ports as u stated :)

good luck in ur CCNA exam

if helpful Rate

grichardson661
Level 1
Level 1
In response to Marwan ALshawi

‎09-16-2008 02:26 AM

Thanks for your reply! Very helpful!

Regarding the pool addresses, the last scenario. Just to clear this up, lets say for simplicity reasons there are a total of 5 ports available for PAT(overload) and i have configured a NAT pool of 7 IPs.

So would the first nat transactions for the first IP address in NAT pool go like..

200.200.0.1:1

200.200.0.1:2

200.200.0.1:3

200.200.0.1:4

200.200.0.1:5

And then, next IP in the NAT pool...

200.200.0.2:1

200.200.0.2:2

200.200.0.2:3

200.200.0.2:4

200.200.0.2:5

And so on...

Thanks,

Garry

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card