1.1.1
S0
192.168.1.1
SA
10.1.1.2
SA
192.168.1.2
Internet
Scaling the Network with NAT and PAT 257
Step 7 Mark the interface as connected to the outside.
RouterX(config-if)# iipp nnaatt oouuttssiiddee
Use the command show ip nat translations in EXEC mode to display active translation
information.
Dynamic Address Translation
The example in Figure 7-5 shows how the device translates all source addresses that pass
ACL 1, which means a source address from the 192.168.1.0/24 network, into an address
from the pool named net-208. The pool contains addresses from 171.69.233.209/28 to
171.69.233.222/28.
Figure 7-5 Dynamic Address Translation
CAUTION The ACL must permit only those addresses that are to be translated.
Remember that there is an implicit deny any statement at the end of each ACL. An ACL
that is too permissive can lead to unpredictable results. Using permit any can result in
NAT consuming too many router resources, which can cause network problems.
ip nat pool net-208 171.69.233.209 171.69.233.222 netmask
255.255.255.240
ip nat inside source list 1 pool net-208
!
interface serial 0
ip address 171.69.232.182 255.255.255.240
ip nat outside
!
interface ethernet 0
ip address 192.
Pages:
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388