STATIC TRANSLATION :- In this we need to give both the entries mually means address to be converted and the address

in which one will convert router(config)#ip nat inside source static <local address> <global address> local address ==> Address to convert global address==> Address in which local will convert ip inside ==> Doing ip based NAT translation ==> Convert inside addresses means traffic coming from inside of my network

NOTE :- keep in mind we need to specify the interfaces after configuration of NAT that which one is my inside and which one is my outside interface source also there static ==> convert source address only / option of converting destination address is ==> translation will be done statically means we will tell what to convert in what

ip nat inside source static 20.20.20.13 192.168.10.13 ip nat inside source static 20.20.20.15 192.168.10.15 ip nat inside source static 20.20.20.30 192.168.10.30 ip nat inside source static 20.20.20.5 192.168.10.5 ip nat inside source static 20.20.20.55 192.168.10.55 ip nat inside source static 20.20.20.21 192.168.10.21 ip nat inside source static 20.20.20.101 192.168.10.101 ip nat inside source static 20.20.20.100 192.168.10.100

no ip nat inside source static 20.20.20.13 192.168.10.13 no ip nat inside source static 20.20.20.15 192.168.10.15 no ip nat inside source static 20.20.20.30 192.168.10.30 no ip nat inside source static 20.20.20.5 192.168.10.5 no ip nat inside source static 20.20.20.55 192.168.10.55 no ip nat inside source static 20.20.20.21 192.168.10.21 no ip nat inside source static 20.20.20.101 192.168.10.101

no ip nat inside source static 20.20.20.100 192.168.10.100

After Configuration specify inside traffic and outside network interface router#config t router(config)#interface ethernet0 router(config-if)#ip nat inside ==> specifies inside network interface

router#config t router(config)#interface serial0 router(config-if)#ip nat outside ==> specifies outside (WAN) network interface

************************************************************************************* DYNAMIC NAT 1. Create pool (Group) of addresses 2. specify ACL which will tell NAT process that whose address will convert and who will not be converted 3. Specify NAT which will use ACL + NAT pool to do translation STEP 1 router(config)#ip nat pool bsf-ip 192.168.10.10 192.168.10.15 netmask 255.255.255.0 OR router(config)#ip nat pool bsf-ip 192.168.10.10 192.168.10.15 prefix-length 24 STEP 2 router(config)#access-list 10 permit 20.20.20.0 0.0.0.255 STEP 3 router(config)#ip nat inside source list 10 pool bsf-ip STEP 4 SPECIFY OUTSIDE AD INSIDE INTERFACES *************************************************************************************

PAT / NAT OVERLOAD 1. Create an ACL which will tell NAT process that who will be converted 2. Choose the interface whose ip will be used to send the traffic out (Maximum conditions -WAN Link) STEP 1 router(config)#access-list 10 permit 20.20.20.0 0.0.0.255 STEP 2 router(config)#ip nat inside source list 10 interface serial 0 STEP 3 SPECIFY OUTSIDE AD INSIDE INTERFACES ********************************************************************************************** USING A DIFFERENT ADDRESS WHICH IS NOT CONNECTED TO A PHYSICAL NETWORK IN OUR EXAMPLE WE WILL TAKE 60.60.60.60 IP FOR DOING PAT 1. Everythying same as PAT 2. Difference is a) Create a interface logical untill/ unless this is not created we will not be able to specify that which interface will be used to overload b) NOTE :- Route the new network in routing process (RIP in our case) otherwise traffic from the new network will not be sent out router(config)#access-list 10 permit 20.20.20.0 0.0.0.255 router(config)#interface loopback 0 router(config-if)#ip address 60.60.60.60 255.255.255.0 router(config-if)#exit router(config)# router(config)#ip nat inside source list 10 interface loopback 0 router(config)#router rip router(config-router)#network 60.0.0.0