Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
321
Views
0
Helpful
2
Replies

HELP-LAST QUESTION ON NAT

mmtantawi
Level 1
Level 1

‎11-07-2006 10:39 PM - edited ‎03-05-2019 12:41 PM

Dear All,

I was reading my NAT Design Paper, because I am going to Implement NAT in My Company.

Now, I want to ask you for only the Process of Static NAT , to allow External Users ? on internet side ? to ? access a specific server inside my LAN.

Which is the things that determine this NAT will Work from External to Internal , or Internal to External ?

Please answer the 3 questions .

1- Is it the Route command that I configured on the router it self , only ?

Or,

2- Is it the Route Command + NAT Table which is configured on the Router it self ?

Because As far as I know, I understood the following:-

To configure the NAT, I have to:-

1- determine which INTERFACE will act as IP NAT OUTSIDE , usually the one which have the IP from the ISP Side.

2- Determine which INTERFACE will act as IP NAT INSIDE , usually the one which have the IP from the Private LAN.

3- Determine the NAT statement , if its STATIC / dynamic /overloading .

4- Determine the Route command .

3- Here is Step 4 , I can make rule to forward every thing from INTERNAL to EXTERNAL or from EXTERNAL to INTERNAL , according to My Design Requirements.

So, from the NAT Command + Route Command , I can make the NAT From External to Internal , or, from Internal to External . is that correct ?

Labels:
0 Helpful
2 Replies 2

haa33110
Level 1
Level 1

‎11-09-2006 07:42 AM

My six-senses tell me that the ISP side is OUTSIDE.

Because he provides 'Inside Global' adresses.

(`・ω・?)My win!

0 Helpful

tdrais
Level 7
Level 7
In response to haa33110

‎11-16-2006 10:26 AM

Nat works different depending on the direction that traffic is flowing. The point it makes its routing selection will be before or after the nat depending on direction.

This is a good link that describes how nat works in relationship to routing.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080133ddd.shtml

For the case of using nat in a ISP environment you want your default route pointing to the outside interface. From the ISP point of view they will only have the addresses you have in the NAT table. They know nothing about your internal network. Depending on how many addresses you have the ISP will just have routes for these addresses and they will all be sent to your router. If you have only 1 then all the traffic appears to come from the router itself.

After it gets to your router this is where the direction of nat traffic matters. When the traffic comes back the address is translated from the public ones to your private ones. Since you may have multiple interfaces on your router that are NAT inside interfaces the router does not know where to send the packet until after it converts it. This is why when traffic goes from outside to inside the translation is done before the lookup.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card