Configuration Guide Configuring NAT
Optional configuration.
Configure static NAPT in global configuration mode when a small number of users in the intranet need to access the
extranet.
Configuring Dynamic NAPT
Optional configuration.
Configure dynamic NAPT in global configuration mode when a large number of users in the intranet need to access
the extranet.
Verification
N/A
Commands
Configuring the NAT Inside Interface and the NAT Outside Interface
ip nat { inside | outside }
inside: inside interface
outside: outside interface
Interface configuration mode
NAT does not work on a data packet unless a route exists between the outside interface and the inside
interface and the data packet meets a certain rule. Therefore, at least one inside interface and one
outside interface need to be configured on the router.
Configuring Static NAPT
ip nat inside source static { udp local-address port | tcp local-address port } global-address port
[ permit-inside ]
udp: UDP
tcp: TCP
local-address: inside local address
port: inside local port
global-address: outside global address
port: outside global port
permit-inside: permits intranet users to access the local-ip host using global-ip.
Global configuration mode
This command is used to build an internal server that external public networks can access. Internal hosts
are not allowed to access the internal server using the global-address unless permit-inside has been
configured. If permit-inside is not configured, internal hosts can access the internal server by using the
local-address only.
Configuring the Address Pool
ip nat pool address-pool start-address end-address { netmask mask |
To Next Page
Loading...
Need help?
General
