11-07-2006 10:39 PM - edited 03-05-2019 12:41 PM
Dear All,
I was reading my NAT Design Paper, because I am going to Implement NAT in My Company.
Now, I want to ask you for only the Process of Static NAT , to allow External Users ? on internet side ? to ? access a specific server inside my LAN.
Which is the things that determine this NAT will Work from External to Internal , or Internal to External ?
Please answer the 3 questions .
1- Is it the Route command that I configured on the router it self , only ?
Or,
2- Is it the Route Command + NAT Table which is configured on the Router it self ?
Because As far as I know, I understood the following:-
To configure the NAT, I have to:-
1- determine which INTERFACE will act as IP NAT OUTSIDE , usually the one which have the IP from the ISP Side.
2- Determine which INTERFACE will act as IP NAT INSIDE , usually the one which have the IP from the Private LAN.
3- Determine the NAT statement , if its STATIC / dynamic /overloading .
4- Determine the Route command .
3- Here is Step 4 , I can make rule to forward every thing from INTERNAL to EXTERNAL or from EXTERNAL to INTERNAL , according to My Design Requirements.
So, from the NAT Command + Route Command , I can make the NAT From External to Internal , or, from Internal to External . is that correct ?
11-09-2006 07:42 AM
My six-senses tell me that the ISP side is OUTSIDE.
Because he provides 'Inside Global' adresses.
(`・ω・?)My win!
11-16-2006 10:26 AM
Nat works different depending on the direction that traffic is flowing. The point it makes its routing selection will be before or after the nat depending on direction.
This is a good link that describes how nat works in relationship to routing.
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080133ddd.shtml
For the case of using nat in a ISP environment you want your default route pointing to the outside interface. From the ISP point of view they will only have the addresses you have in the NAT table. They know nothing about your internal network. Depending on how many addresses you have the ISP will just have routes for these addresses and they will all be sent to your router. If you have only 1 then all the traffic appears to come from the router itself.
After it gets to your router this is where the direction of nat traffic matters. When the traffic comes back the address is translated from the public ones to your private ones. Since you may have multiple interfaces on your router that are NAT inside interfaces the router does not know where to send the packet until after it converts it. This is why when traffic goes from outside to inside the translation is done before the lookup.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide