NAT – Part 3 (Dynamic NAT Configuration) : www.ipcisco.com

NAT – Part 3 (Dynamic NAT Configuration)

Category: Cisco, NAT
Author: gokhankosem, on 05 Jan 14 - 0 Comments

Before this article, we have talked about static nat configuration. Here, we will talk about dynamic nat configuration. As before, in the dynamic NAT configuration, the interfaces must be identified as inside and outside again. Then we will define a dynamic address adress pool.The ip address will be choosen in this pool to assign as source ip address.

Our topology is below. This time we use packet tracer as our auxiliary simulation program.

Do not miss the point that, to do this configuration, we must already do the interface configuration and the full connectivity must be establihed.

Firstly let’s check the ping packet’s source address when we are pinging from PC 1 to Router 1. AS you can see, the source address will be the PC 0 ‘s ip address. To see the packet you must enable debug modee on Router 1 by “debug ip packet” command.Check the below screenshots.

Now let’s configure the dynamic nat related configuration on Router0.

Configure the Router0 with the below commands:

Router0 # conf terminal
Router0 (config)# int fastethernet 0/0
Router0 (config-if)# ip nat inside
Router0 (config-if)# exit
Router0 (config)# int fastethernet 1/0
Router0 (config-if)# ip nat outside
Router0 (config-if)# exit
Router0(config)# ip nat pool ipcisco 50.50.50.60 50.50.50.70 netmask 255.255.255.0

Lastly, with an access list you must specify the private addresses to be allowed to be dynamically translated.

Router0(config)# ip nat inside source list 10 pool ipcisco
Router0(config)# access-list 10 permit 10.10.10.0 0.0.0.255

Here, these allowed addresses above will be tranlated to a value in public address pool that will be dynamically choosen.

It is tim eto verify our configuration with the same ping packet’s source ip address control. Open the debug mode on Router1 with “debug ip packet” command and ping the Router1 from PC0.

As you can see, one of the addresses in the ipcisco pool is choosen and seen as a source address.
You can download the packet tracer configuration and check simulation.

       Download Dynamic NAT Lab.
About the Author
Gokhan Kosem is a telecommunation engineer and a computer networks professional. His ambition to IP networks and end-to-end system installation made him to prepare this web-site. By sharing his experiences about various networking protocols beside different system installation experiences and Cisco, Juniper, Alcatel-Lucent devices configurations, he is aimed to be helpful for his collegues in all over the world. He is currently lives in Istanbul, Turkey.

Leave a Reply