Tuesday, 19 February 2013

How to Create NAT Rule on Router for Access the Internet

Before we get started, take a look at Figure A, this offers an illustration of what our example network looks like.

Figure A

If you're wondering why using NAT is necessary, it's because we choose the IP address scheme for the LAN from the blocks of private IP addresses. Because these IP addresses aren't usable on the Internet, we must translate these IP addresses into a real Internet IP address, such as one provided by an ISP.

So, we'll use NAT to provide the IP address translation from our LAN to our WAN. While most consumer-based routers refer to NAT as a ubiquitous term, there are a few different kinds of NAT, including static NAT, pooled NAT, and NAT overload (also called port address translation, or PAT).

Consumer-based routers typically use NAT overload, which is what we'll use for this example. NAT overload involves using a single Internet IP address and multiple inside IP addresses.

Let's look at the step-by-step process for configuring NAT overload. The router needs to be in Global Configuration Mode, and the prompt should look like this: Router(config)#

Create a pool of Internet IP addresses

For this example, we're going to overload a single Internet IP address. Since this is the only IP address we have, we'll create a pool with only one IP address in it. 


Router(config)# ip nat pool mypool 1.1.1.1 1.1.1.1 prefix 30

Create an access list

Next, we must determine who the router allows to use NAT to access the Internet using our NAT pool, which we can accomplish by creating an access list. For this example, we'll allow the entire internal network to use NAT to access the Internet. 


Router(config)# access-list 1 permit 192.168.1.0 0.0.0.255
 
 

Create the NAT source list

Now, we must connect the pool and the list of users. We can accomplish this by telling the router that we want to use NAT from the inside (using the access list to define our possible source IP addresses) and go to the outside using the pool that contains our single Internet IP address. In addition, we want to overload this single Internet IP address using PAT.

Router(config)# ip nat inside source list 1 pool mypool overload
 
 

Define the inside and the outside NAT interfaces


Next, we need to tell the router which interface is the inside and which is the outside.
Router(config)# interface ethernet 0/0
Router(config-if)# ip nat inside
Router(config-if)# exit
Router(config)# interface serial 0/0
Router(config-if)# ip nat outside
Router(config-if)# exit 

That's it.
 
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)