Memorise

How to Configure NAT on Cisco router

This brief tutorial will show you how to configure NAT overload or how to enable Internet access to multiple PCs of your LAN using only one public IP address. This type of NAT can easily be used at home when you have a Cisco 800 series xDSL router.


The first step is to define the addresses that will need to be NAT’d. This is done using a standard access-list:

access-list 1 permit your_lan_address_range

Example: access-list 1 permit 192.168.1.0

Now that we have defined the addresses that are allowed to use the NAT address, we will enable the actual NAT:

ip nat inside source list access-list number interface overload

Example: ip nat inside source list 1 dialer0 overload

This command states that it will use the addresses from the access-list we defined in Step 1 and NAT it to the Public IP address on the interface (e.g., serial 0, dialer 0, ethernet 1). The overload keyword specifies that multiple LAN addresses can be NAT’d to that address. The router uses the TCP and UDP ports of the hosts [LAN addresses] to translate the public IP address back to the originating local host address.

The last steps we need to configure are to tell the router which are our inside and outside addresses. This is achieved using the following commands:

For the inside
conf t interface ethernet | fastethernet number
ip nat inside

For the outside (assume we are dealing with an xDSL router)
conf t interface dialer0
ip nat outside

Now that NAT is configured, we can check to see which addresses are being used by using the show ip nat translations commands.


Categorised as: Cisco, Hardware/Software


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.