Simple example of NAT co-existing with PAT.

Sometimes, to understand NAT vs PAT a model can be useful.  This model shows how inside traffic on left can reach outside world, represented by PC3 on the right. PC1 uses PAT while PC2 uses NAT.

Each endpoint is just a PC with an IP, NM and GW.  

Configuration of R3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
no logging console
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
!
no ip domain lookup
!
!
interface FastEthernet0/0
 ip address 192.168.10.254 255.255.255.0
 ip nat inside
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 10.13.64.254 255.255.248.0
 ip nat outside
 duplex auto
 speed auto
ip route 0.0.0.0 0.0.0.0 10.13.64.1
!
ip nat pool MY_POOL 10.13.64.1 10.13.64.1 netmask 255.255.254.0
ip nat inside source list 7 pool MY_POOL overload
ip nat inside source static 192.168.10.5 10.13.65.5
!
access-list 7 permit 192.168.10.0 0.0.0.255
no cdp log mismatch duplex
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 login

As it is now, PC1 and PC2 can contact PC3. However, PC3 can only respond.   If we wanted PC3 to be able to initiate a conversation with PC2,  by contacting 10.13.65.5, we could add line 

"ip nat outside source static 10.13.65.5 192.168.10.5"

Also, in this example, the default route out to the Internet would be 10.13.65.1.  A router capable of directing traffic out that way isn't shown.

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)