EasyManuals Logo

Cisco Catalyst 6500 Series User Manual

Cisco Catalyst 6500 Series
392 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #167 background imageLoading...
Page #167 background image
9-23
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
OL-6392-01
Chapter 9 Configuring Network Address Translation
Using Dynamic NAT and PAT
Configuring NAT or PAT
This section tells how to configure dynamic NAT or dynamic PAT. The configuration for dynamic NAT
and PAT are almost identical; for NAT you specify a range of global addresses, and for PAT you specify
a single address.
Figure 9-14 shows a typical dynamic NAT scenario. Only local traffic can originate connections, and the
global address is dynamically assigned from a pool.
Figure 9-14 Dynamic NAT
Figure 9-15 shows a typical dynamic PAT scenario. Only local traffic can originate connections, the
global address is the same for each translation, but the port is dynamically assigned.
Figure 9-15 Dynamic PAT
For more information about dynamic NAT, see the “Dynamic NAT” section on page 9-3. For more
information about PAT, see the “PAT” section on page 9-4.
Note If you change the NAT configuration, and you do not want to wait for existing translations to time out
before the new NAT information is used, you can clear the translation table using the clear xlate
command. However, clearing the translation table disconnects all current connections.
To configure dynamic NAT or PAT, follow these steps:
Step 1 To identify the local addresses that you want to translate, enter one of the following commands:
Policy NAT:
FWSM/contexta(config)# nat (
local_interface
)
nat_id
access-list
acl_name
[dns]
[outside | [norandomseq] [[tcp]
tcp_max_conns
[
emb_limit
]] [udp
udp_max_conns
]]
You can identify overlapping addresses in other nat statements. For example, you can identify
10.1.1.0 in one statement, but 10.1.1.1 in another. The traffic is matched to a policy NAT statement
in order, until the first match, or for regular NAT, using the best match.
10.1.1.1 209.165.201.1
Inside
FWSM
Outside
10.1.1.2 209.165.201.2
114403
10.1.1.1:1025 209.165.201.1:2020
Inside
FWSM
Outside
10.1.1.1:1026 209.165.201.1:2021
10.1.1.2:1025 209.165.201.1:2022
114405

Table of Contents

Other manuals for Cisco Catalyst 6500 Series

Preview: Command Reference
Command Reference160 pages
Preview: Installation Guide
Installation Guide194 pages
Preview: Configuration Note
Configuration Note212 pages
Preview: Installation Note
Installation Note36 pages
Preview: Hardware Installation Guide
Hardware Installation Guide134 pages
Preview: Troubleshooting
Troubleshooting10 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 6500 Series and is the answer not in the manual?

Cisco Catalyst 6500 Series Specifications

General IconGeneral
BrandCisco
ModelCatalyst 6500 Series
CategorySwitch
LanguageEnglish

Related product manuals