NAT Configuration on Huawei Routers
NAT (Network Address Translation) is a concept used to translate Private block IP addresses to the Public IP Addresses. By doing this, it provides internet connection to the devices that has Private Blcok IP Addresses.
Here, NAT is a general used name. There are different types of NAT. These types are :
– Static NAT
– Dynamic NAT
– PAT (Port Address Translation)
Static NAT maps one-to-one , one Private IP to a one Public IP. This is sued to protect the device inside the network generally. But it is not an effective IP usage.
Dynamic NAT maps many-to-many. Devices in the network has Private IPs and these IPs can map to the Public IPs in a predefined IP Pool. Here, the Public IPs are used if they are needed, so it is an efficient solution.
PAT provide mapping with different Port numbers. Devices in the network can be mapped to one Public IP, with their Private IP addresses and a different Port number. This is a very efficient way.
Now, let’s see the Huawei configuration of these NAT types one by one.
In this first NAT configuration example, we will focus on Static NAT Configuration on Huawei Routers. As we have explained above, Static NAT is configured as one to one. We will translate one Private IP Address to one Public IP Address.
For our Huawei Static NAT Configuration Example, we will use the below topology.
Firtstly we wil configure the interface IP addresses on the Router. Then, under the wan interface of the router, we will ad the nat commadn, “nat static global Public-X indise Private-Y”.
To verify our Static NAT Configuration, we will use “display nat statistics” command.
The second NAT Configuration example is Synamic NAT Configuration. AS we exmplained before, Dynamic NAT uses a predefined IP Pool and provide IP map according to these IP Pool if there is a need.
For our Dynamic NAT Configuration Example, we will use the below topology.
Firtstly we wil configure the interface IP addresses on the Router. After that, we will create an access list. In this Acess List, we will add the LAN IPs. Then, we will configure the IP Pool with “nat address-group” command. And then, we will configure NAT under the WAN interface of the router with the defined IP Pool and ACL. This ACL will allow our LAN IPs on the router.
Firstly, IP address configurations will be done.
Now, it is time to create Access List.
After ACL definition, let’s configure IP Address Pool globally.
Lastly, we will configure NAT on the WAN interface of the router. We will add IP Pool and ACL also. With this configuration, we will say that, “use these IP Pool for mapping the IPs in the ACL (LAN IPs)”.
To verify our Dynamic NAT Configuration, we will use “display nat address-group” command and “display nat outbound” command. You can also check the results of these commands below.
By the way, in this article we will not show the configuration of PAT (Port Address Translation) Because only a key word effect this. If you do not use “no-pat” command at the above configuration, you can configure PAT in the same configuration.
In Cisco we use, “overload” command for PAT. If you do not use this keyword then, it is becoming pure Dynamic NAT. This is reverse in Huawei.