Mediant MSBRs 20 Document #: LTRT-31828
Security Setup
Both NAT and NAPT can use a pool of addresses to contact (or to show) the outside word
(the WAN). For NAT and NAPT, a range of IP addresses and ports can be configured using
ACLs. This range of IP addresses is called a NAT pool. To configure the NAT pool, use the
following commands.
Table 5-2: NAT Pool Commands
Command Description
Enter the data configuration menu.
(config-data)# access-list
tcp_nat permit tcp 192.168.0.0
Mark the traffic of the inside addresses. These
addresses will be hidden behind NAT.
(config-data)# ip nat pool
tcp_pool 180.1.100.50
180.1.100.50
Configure a NAT pool that starts with the
address 180.1.100.50 and ends with the
address 180.1.100.50. This means that there is
only one address in the NAT pool.
Table 5-3: NAT Rules
Command Description
(config-data)# ip nat inside
source list tcp_nat interface
gigabitethernet 0/0 pool tcp_pool
Configure IP NAT translation for devices behind
NAT. For every address?? selected by the
tcp_nat ACL, on the interface gi0/0 and use the
tcp_pool NAT pool.
Table 5-4: NAPT Rules
Command Description
(config-data)# ip nat inside
source list tcp_nat interface
gigabitethernet 0/0 pool tcp_pool
port 5000 5010
Configure IP NAPT translation for IP addresses
behind the NAT. For every address selected by
the tcp_nat ACL, on the interface gi0/0, map
multiple IP addresses to the tcp_pool
addresses using ports range 5000-5010.
The process of changing the LAN IP address to WAN IP address is called NAT translation.
To verify that the NAT translation is working, use the following command:
Table 5-5: NAT Translation
Command Description
# show data ip nat translations
Displays NAT translations.
To Next Page
Loading...
