There are a number of commands that can be used to configure the different variations of NAT.
Configuring Static NAT
Static NAT configuration requires that each static mapping between a local, or private, address and a global, or public, address must be configured. Then, each interface needs to be identified as either an inside or outside interface.
The ip nat inside source static command is used to create a static mapping. The inside keyword indicates that NAT translates addresses for hosts on the inside part of the network. The source keyword indicates that NAT translates the source IP address of packets coming into its inside interfaces. The static keyword indicates that the parameters define a static entry. If two hosts require Internet access, two ip nat inside commands must be used.
The ip nat inside and ip nat outside interface subcommands identify which interfaces are “inside” and which are “outside” respectively.
Two show commands list the most important information about static NAT. These commands are:
. show ip nat translations, which lists the static NAT entries; and the
. show ip nat statistics, which lists statistics, including the number of currently active translation table entries and the number of hits, which increments for every packet for which NAT must translate addresses.
Configuring Dynamic NAT
Dynamic NAT configuration differs from static NAT but it also has some similarities. It requires that each interface be identified as either an inside or outside interface but the static mapping is not required. In addition, a pool of inside global addresses needs to be defined. The ip nat inside source command is used to identify which inside local IP addresses need to have their addresses translated.
The ip nat pool command defines the set of IP addresses to be used as inside global addresses. The two show commands used to trouble shoot static NAT can also be used to troubleshoot dynamic NAT. In addition to these you can use the debug ip nat command. This command causes the router to issue a message every time a packet has its address translated for NAT.
Configuring NAT Overload and PAT
The ip nat inside source overload command is used to configure NAT overload. The overload parameter is required to enable overload. Without this parameter, the router does not perform overload, but dynamic NAT. You can use the show ip nat translations to troubleshoot NAT overload.