dslreports logo

    All FAQs Site FAQ DSL FAQ Cable Tech About DSL Distance DSL Hurdles »»


how-to block ads

Prerequisite reading:
»Cisco Forum FAQ »NAT, PAT, Port Forward, Internet and Server Access: Introduction and Practices

Network Address Translation or NAT is an Internet standard (IETF RFC 1631) that enables a local-area network (LAN) to use one set of IP addresses for internal traffic and a second set of addresses for external traffic. A NAT box (e.g. a router) located where the LAN meets the Internet makes all necessary IP address translations.


- Hides internal IP addresses.

- Enables a company to use more internal IP addresses. Since they're used internally only, there's no possibility of conflict with IP addresses used by other companies and organisations.

The links below provide NAT information in greater detail:

An introduction to NAT

NAT FAQ @ Cisco.com

How to configure NAT?

NAT and route maps.

NAT Implementation: Sample Configurations

1. Basic Internet Access (Outbound Traffic Only) - No Public Servers

Various Cisco Router, PIX/ASA NAT/PAT Sample Configurations

2. Basic Internet Access and Public Servers (Inbound and Outbound Traffic)

Running Servers using Cisco Router, PIX/ASA NAT/PAT Technology

Generic NAT configuration

This configuration was worked up on a cisco 831 with 12.2(13)ZH2 software but should work on any cisco router with a modern version of IOS, just adjust the interfaces accordingly.

version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Router
logging queue-limit 100
ip subnet-zero
ip dhcp excluded-address
ip dhcp pool LOCALPOOL
import all
ip audit notify log
ip audit po max-events 100
no ftp-server write-enable
interface Ethernet0
description Inside private interface
ip address
ip nat inside
hold-queue 100 out
interface Ethernet1
description Outside public interface
ip address dhcp
ip nat outside
duplex auto
ip nat inside source list 1 interface Ethernet1 overload
ip classless
ip http server
no ip http secure-server
access-list 1 permit
line con 0
no modem enable
stopbits 1
line aux 0
stopbits 1
line vty 0 4
scheduler max-task-time 5000

If you would like to add any more links or information to this FAQ, please do not hesitate to contact the FAQ Editors whose avatars are present at the top of the Cisco FAQ forum page or click the feedback link which can be found at the bottom left hand corner of this page.

Expand got feedback?

by Covenant See Profile edited by aryoba See Profile
last modified: 2008-12-24 10:03:21