Configuring Dynamic NAT: One Private to One Public Address Translation

Step 1: Define a static route on the remote router stating where public addresses should be routed.

ISP(config)#ip route 64.64.64.64 255.255.255.255.128 s0/0

Informs the ISP router where to send packets with addresses destined for 64.64.64.64 255.255.255.255.128

Step 2: Define a pool of usable public IP addresses on your router that will perform NAT.

Private address will receive first available public address in pool

Corp(config)#ip nat pool scott 64.64.64.70 64.64.64.126 netmask 255.255.255.128

Defines the following:

• Name of pool is scott (The name of the pool can be anything.)

• Start of pool is 64.64.64.70

• End of pool is 64.64.64.126

• Subnet mask is 255.255.255.128

Step 3: Create an ACL that will identify which private IP addresses will be translated.

Corp(config)#access-list 1 permit 172.16.10.0 0.0.0.255

Step 4: Link the access control list (ACL) to the pool of addresses. (Create the translation.)

Corp(config)#ip nat inside source list 1 pool scott

Defines the following:

• The source of the private addresses is from ACL 1

• The pool of available public addresses is named scott

Step 5: Define which interfaces are inside (contain the private addresses).

Router(config)#int fa 0/0

Router(config-if)#ip nat inside

You can have more than one inside interface on a router. Addresses from each inside interface are then allowed to be translated into a public address

Step 6: Define the outside interface (the interface leading to the public network).

Router(config)#int s 0/0

Router(config-if)#ip nat outside