Configuring PAT

Share on:

This tutorial will help you configure PAT (Port Address Translation), or sometimes called NAT (Network Address Translation) with overload on a Cisco router. PAT uses multiple private IP addresses and translates them into a single or very few public IP addresses. This is possible because the private IP addresses are mapped to the port number of the PC. Let's get started!!! Port Address Translation With the above shown topology we see that we are using two routers called ISP and R1 we also have one switch (default configuration) and a PC connected to R1's Fa0/0 interface. Both routers need to be setup with basic router configuration and IP address added to the interfaces of ISP and R1 along with the PC to be configured with the supplied IP address. Also a default-gateway on the PC and clock rate on ISP's serial interface before we can get stated. (This tutorial is assuming you can already do that) ;) Now that the basic setups have been configured we need an IP route on R1 to ISP. We want to define that any IP address not in R1's routing table needs to be sent to the ISP. To do that move to global configuration mode and type the command ip route and the IP address of ISP's serial interface: [code]R1(config)#ip route[/code] You can do this two ways, use the IP address of ISP (like above) OR use the exit interface of R1. (like below) [code]R1(config)#ip route s0/0/0[/code] The next thing we need is an ACL (Access-Control-List). Adding a standard ACL defines which addresses are to be translated with NAT (example): [code]R1(config)#access-list 5 permit[/code] The above command makes an access-control list. But an ACL is no good if we don't apply it. We now need to apply this ACL to R1. Remember to specify the access list number that you made earlier. (example): [code]R1(config)#ip nat inside source list 5 interface serial s0/0/0 overload[/code] The above command tells us that we want to use the access list number "5" (which says that the 172 network is allowed to be translated into a public IP address) with interface s0/0/0 and put overload on that interface. (Overload is the keyword that makes this possible!!) On R1 move to the interface configuration mode, tell the router which interface has the private IP addresses by using the ip nat inside command (this would be R1's Fast-Ethernet 0/0 interface): [code]R1(config)#interface fa0/0 R1(config-if)#ip nat inside [/code] You also want to configure the outside interface on R1. That would be the serial 0/0/0 interface. [code]R1(config)#interface s0/0/0 R1(config-if)#ip nat outside[/code] This command tells us that R1's interface s0/0/0 is the outside interface (This is the location of the public IP addresses or ISP) That's it!! This is simple tutorial that uses PAT or Port Address Translation also called NAT with overload! Hope this tutorial was helpful