Dynamic NAT means that we have a pool of addresses that we will use to provide real IP addresses to a group of users on the inside. We do not use port numbers, so we have to have real IP addresses for every user trying to get outside the local network.
Here is a sample output of a dynamic NAT configuration:
The ip nat inside source list 1 pool Todd command tells the router to translate IP addresses that match access-list 1 to an address found in the IP NAT pool named Todd.
The access list in this case is not being used to permit or deny traffic as we would use it for security reasons to filter traffic. It is being used in this case to select or designate what we often call interesting traffic. When interesting traffic has been matched with the access list, it is pulled into the NAT process to be translated. This is a common use for access lists; they don’t always have the dull job of just blocking traffic at an interface.
The IP nat pool todd 170.168.2.2 192.168.2.254 command creates a pool of addresses that will be distributed to those hosts that require NAT.
Here is a sample output of a dynamic NAT configuration:
The access list in this case is not being used to permit or deny traffic as we would use it for security reasons to filter traffic. It is being used in this case to select or designate what we often call interesting traffic. When interesting traffic has been matched with the access list, it is pulled into the NAT process to be translated. This is a common use for access lists; they don’t always have the dull job of just blocking traffic at an interface.
The IP nat pool todd 170.168.2.2 192.168.2.254 command creates a pool of addresses that will be distributed to those hosts that require NAT.
No comments:
Post a Comment