Using Cisco PT 6.0 to simulate Nat, Pat

NAT (Network Address Translation) is the process of converting the IP address in the IP address data packet header to another IP address. In practical applications, Nat is mainly used to enable private networks to access public networks. By using a small number of public IP addresses to represent a large number of private IP addresses, this will help reduce the depletion of available IP address space.

There are three Nat Methods: static Nat, dynamic Nat, and Nat overload (PAT ). (PAT: multiplexing port address translation ).

1. Static NAT: The intranet IP address corresponds to the Internet IP address one by one, and only one Intranet IP address is allowed to access the Internet.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/41/33/wKioL1PRtPHxFi3NAADCSEgHCGc168.jpg "Title =" qq20140725092655.png "alt =" wkiol1prtphxfi3naadcseghcgc168.jpg "/>

Static NAT configuration command:

Configure the command on the vro as follows:

Ip nat inside source static 192.168.10.2 209.105.200.154

Intranet address Internet address

Ip nat inside

Ip nat outside

In this way, the Intranet 192.168.10.2 corresponds to the Internet 209.105.200.154, and only 192.168.10.2 can access the Internet.

2. Dynamic NAT: maps an intranet address segment to an Internet address pool address. When the IP addresses in the Internet address pool are mapped, the Intranet cannot access the network.

For example:

Inside: 192.168.0.1-10 10

Outside: 200.200.200.1-5 5

When the Intranet IP address accesses the Internet at the same time,

After the five IP addresses on the Internet are mapped,

Other IP addresses in the Intranet cannot access the Internet,

You must wait until the first five mappings are released before accessing

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/41/34/wKiom1PRtVnxDbIyAAEO612pYvQ063.jpg "Title =" qq20140725092655.png "alt =" wkiom1prtvnxdbiyaaeo612pyvq063.jpg "/>

The configuration command is as follows:

Ip nat pool NAT-POOL1 209.165.200.226 209.165.200.240 netmask too large

Internet address pool

Access-List 1 permit 192.168.0.0 0.255.255

Ip nat inside source list 1 pool nat_pool1

Ip nat inside

Ip nat outside

3. Nat overload (PAT): When the Intranet sends traffic to the Internet, port address translation is used, which is also the most common method.

Example: 192.168.10.2: 20--200.200.200.2: 20

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/41/34/wKiom1PRtiOxusmlAAFKWOJ7puM343.jpg "Title =" qq20140725092655.png "alt =" wkiom1prtioxusmlaafkwoj7pum343.jpg "/>

The configuration command is as follows:

Access-List 1 permit 192.168.0.0 0.255.255

Ip nat inside source list 1 interface serial 0/0/0 overload

External Interface

Ip nat inside

Ip nat outside

Other commands for Nat are as follows:

View the command:

Show ip nat translation *

Show ip nat statistics

Clear NAT:

Clear ip nat translation...

Port ing:

Ip nat inside source static TCP 192.168.1.4 20 200.200.200.200 20

Intranet address Internet address

This article from the "small strong" blog, please be sure to keep this source http://zouqq.blog.51cto.com/8314092/1529964