cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7300
Views
10
Helpful
7
Replies

NAT explanation

techguy
Level 4
Level 4

ip nat inside source static tcp 10.0.0.3 80 86.96.201.7 80 extendable

7 Replies 7

techguy
Level 4
Level 4

what does this command do? Thanks

Hi,

It will translate the packet arrived on

              a) outside interface with the destination IP 86.96.201.7 port 80/TCP to inside 10.0.0.3 port 80/TCP.

              b) inside interface with the source IP 10.0.0.3 port 80/TCP that has as destination interface outside

You are NATing the inside host. Extendable will allow you to use more the one static pat (port address translation ) with the same public ip.

Dan

ip nat inside source static 10.5.50.9 89.144.102.179

is ther any difference between this command and above-mentioned command ?

Yes.

This will allow you to

               - use the public ip only for this translation

               - translate any traffic from and to the inside host ( 10.5.50.9 ) to the public ip

Dan

Hello Dan,

Correct me please if I am wrong here but in this case:

ip nat inside source static tcp 10.0.0.3 80 86.96.201.7 80 extendable

the extendable keyword actually does nothing, as this translation is already fully specified by addresses, protocols and ports. The extendable keyword was more used with plain IP-to-IP translation and to be completely honest, to this day I have not fully understood its usage.

Best regards,

Peter

Hi Peter,

My understanding about the extendable option is that allows you to do PAT using the same outside global.

I do now that this option is available also on ip-ip and network-network static nat...but I do not see how could you apply the extandable in those cases ( ip-ip and net-net ).

I've done a quick test :

interface FastEthernet0/0

ip address 1.1.1.1 255.255.255.0

ip nat inside

ip virtual-reassembly

end

!

interface Loopback0

ip address 2.2.2.2 255.255.255.0

ip nat outside

ip virtual-reassembly

end

!

ip route 10.10.10.0 255.255.255.0 1.1.1.254

Commands :

R1(config)#ip nat inside source static tcp 10.10.10.10 80 2.2.2.10 80

R1(config)#ip nat inside source static tcp 10.10.10.11 81 2.2.2.10 81

R1(config)#

R1(config)#^Z

R1#sh run | i nat

ip nat outside

ip nat inside

ip nat inside source static tcp 10.10.10.10 80 2.2.2.10 80 extendable

ip nat inside source static tcp 10.10.10.11 81 2.2.2.10 81 extendable

R1#

The extendable keywork was automatically added.

I opened the NAT overview :

"The extendable keyword allows the user to configure several ambiguous static translations, where an ambiguous translations are translations with the same local or global address."

http://www.cisco.com/en/US/technologies/tk648/tk361/tk438/technologies_white_paper09186a0080091cb9.html

Regards

Dan

hie;

Guys i have a 2911 Router with 3 interfaces (GIG) and 4 wic 10/100 which is connected to my lan and the 3 interfaces are connected to 3 ISP i want the correct NAT and Access-list to send emails from my mail server on 192.168.0.1 using ISP 3 who is on Gig0/2

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco