There are 3 types of NAT:
- Static NAT – Translates a private to a public address (1-to-1).
- Dynamic NAT – Translates a pool of private to a pool of public addresses (many-to-many).
- NAT Overload (or PAT) – Translates many private IPs over just one public IP (many-to-1).
Define the inside interface:
int g0/0 ip nat inside
Define the outside interface:
int g0/1 ip nat outside
Creating the Access-List that will allow the translations many-to-one:
ip access-list standard USERS permit 10.1.1.0 0.0.0.255 ip nat inside source list USERS int g0/1 overload
Note: the access-list contains the private network address, and defined as the source, right next interface g0/1 (not the public IP) is defined as the exit to the internet. Overload allows many internal addresses to be translated at the same time.
Example for many-to-many:
ip access-list standard 1 permit 10.10.0.0 0.0.255.255 ip nat pool INTERNAL 192.168.1.129 192.168.1.254 netmask 255.255.255.128 ip nat inside source list 1 pool INTERNAL ip route 0.0.0.0 0.0.0.0 172.16.1.1
If it is just one-to-one translation, avoid using access list and pool by issuing only:
ip nat inside source static 10.10.10.1 200.200.200.200
To see what is being translated:
do show ip nat translations do show ip nat translations verbose