– Dynamic NAT configuration
Router(config) # ip nat pool (pool name) (start_IP end_IP) netmask (subnet mask)
Router(config) # ip nat inside source list (#ACL) pool (pool name)
Router(config) # access-list (#ACL) permit (IP) (wildcard mask)
For example:
Router(config) # ip nat pool nat-pool1 179.9.8.80 179.9.8.95 netmask 255.255.255.0
Router(config) # ip nat inside source list 1 pool nat-pool1
Router(config) # access-list 1 permit 10.1.0.0 0.0.0.255
– Then mark the inside and outside interfaces, as with Static NAT
Router(config) # interface ethernet 0
Router(config-if) # ip nat inside
Router(config) # interface serial 0
Router(config-if) # ip nat outside
Note: An inside local address is translated to an inside global address only if it falls within the range permitted by the ACL.
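Dynamic NAT without overload hands out one pool address per inside host, so the pool in the example above (16 addresses) is smaller than the range its ACL permits (256). The following Python sketch is an added example, not part of the original article: it parses the three configuration lines (only the `permit <ip> <wildcard>` ACL form shown above) and reports that mismatch. The names `acl_permits` and `audit_dynamic_nat` are hypothetical.

```python
import re
from ipaddress import IPv4Address, ip_network

# Constructed sample: the three dynamic NAT lines from the example, prompts removed.
SAMPLE_CONFIG = """\
ip nat pool nat-pool1 179.9.8.80 179.9.8.95 netmask 255.255.255.0
ip nat inside source list 1 pool nat-pool1
access-list 1 permit 10.1.0.0 0.0.0.255
"""

def acl_permits(base, wildcard, addr):
    """Wildcard match: bits set to 1 in the wildcard are ignored."""
    care = ~int(IPv4Address(wildcard)) & 0xFFFFFFFF
    return (int(IPv4Address(addr)) & care) == (int(IPv4Address(base)) & care)

def audit_dynamic_nat(config):
    """Return one report per 'ip nat inside source list N pool NAME' line."""
    pools, acls, bindings, reports = {}, {}, [], []
    for line in map(str.strip, config.splitlines()):
        if m := re.match(r"ip nat pool (\S+) (\S+) (\S+) netmask (\S+)$", line):
            pools[m[1]] = (IPv4Address(m[2]), IPv4Address(m[3]), m[4])
        elif m := re.match(r"ip nat inside source list (\S+) pool (\S+)$", line):
            bindings.append((m[1], m[2]))
        elif m := re.match(r"access-list (\S+) permit (\S+) (\S+)$", line):
            acls.setdefault(m[1], []).append(int(IPv4Address(m[3])))
    for acl, pool in bindings:
        findings = []
        report = {"acl": acl, "pool": pool, "findings": findings}
        reports.append(report)
        if acl not in acls:
            findings.append("ACL referenced but not defined")
        if pool not in pools:
            findings.append("pool referenced but not defined")
            continue
        start, end, mask = pools[pool]
        pool_size = int(end) - int(start) + 1
        if pool_size < 1 or end not in ip_network(f"{start}/{mask}", strict=False):
            findings.append("pool range does not fit the netmask")
        # Upper bound: each 1-bit in a wildcard doubles the addresses matched.
        matched = sum(2 ** bin(w).count("1") for w in acls.get(acl, []))
        if matched > pool_size:
            findings.append(f"ACL permits {matched} addresses, pool holds {pool_size}")
        report.update(pool_size=pool_size, acl_addresses=matched)
    return reports

if __name__ == "__main__":
    print(audit_dynamic_nat(SAMPLE_CONFIG))
```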
This type of NAT is rarely used in practice, so we will not go into detail about it. Instead, let’s learn some more commands:
Clear NAT/PAT commands
Router # clear ip nat translation {* | (inside global-ip local-ip) (outside local-ip global-ip)}
Router # clear ip nat translation protocol {(inside global-ip global-port local-ip local-port) | (outside local-ip global-ip)}
– Command to delete all dynamic NAT translations on all interfaces.
Router # clear ip nat translation *
– Command to delete a single NAT translation on each interface
Router # clear ip nat translation (inside/outside) (global ip – local ip)
– Command to delete an extended NAT translation on each interface
Router # clear ip nat translation protocol (inside/outside) (global ip – global port – local ip – local port)
Check and Debug NATs and PATs
Router # show ip nat translations
Router # show ip nat statistics
Router # debug ip nat
For details see here: Configure NAT and PAT on Cisco Router devices