IP NAT SOURCE STATIC

What does this command do and when to use it?

ip nat source static 1.1.1.1 2.2.2.2

 

Note: It doesn't have the keyword 'inside'.

Thanks!

 

 

Comments

  • Hi,

    Instead of ip nat inside or ip nat outside under interface you can use ip nat enable. When you use ip nat enable, it allows both inside and outside nat by creating NAT virutal inteface (NVI) and traffic flow is on this virtual interface.

    Here is the example:

    R2(config)#do show run int fa0/0
    Building configuration...

    Current configuration : 110 bytes
    !
    interface FastEthernet0/0
     ip address 12.12.12.2 255.255.255.0
     ip nat enable
     duplex auto
     speed auto
    end
    !
    R2(config)#do show run int fa1/0
    Building configuration...

    Current configuration : 110 bytes
    !
    interface FastEthernet1/0
     ip address 23.23.23.2 255.255.255.0
     ip nat enable
     duplex auto
     speed auto
    end
    !
    R2(config)#do show run | in ip nat
     ip nat enable
     ip nat enable
    ip nat source static 1.1.1.1 23.23.23.2
    !
    R1#telnet 3.3.3.3 /source-interface lo0
    Trying 3.3.3.3 ... Open


    User Access Verification

    Password:
    R3>
    !
    R3#telnet 23.23.23.2 /so lo0
    Trying 23.23.23.2 ... Open


    User Access Verification

    Password:
    R1>

    Any comments?

    [:D]

  • Great explanation nnn!

    Just adding one more thing, there are two type of NAT:
    1. Domain-based NAT, by using "inside" and "outside" on the interfaces
    2. NVI-based NAT, by using "ip nat enable" on the interfaces

  • Thanks guys for the great explainations.


  • nnn

    In your example, is R1 & R3 loopback (1.1.1.1 & 3.3.3.3) advertise to IGP ?

    a. If not, how R1 know it should send toward R2 when telnet to R3 Loopback ? Do you put static/default route on R1 ?

    b. When telnet respond back from R3->R2->R1. Is R2 convert DESTINATION ip from 23.23.23.2 to 1.1.1.1 again ?

        If yes, How R2 know to send traffic toward R1 loopback 1.1.1.1 ?


  • Hi AndiS,

    In your example, is R1 & R3 loopback (1.1.1.1 & 3.3.3.3) advertise to IGP ?

    a. If not, how R1 know it should send toward R2 when telnet to R3 Loopback ? Do you put static/default route on R1 ?

    Yes, R1,R3 has 1.1.1.1 and 3.3.3.3 loopback address and advertised into IGP.

    b. When telnet respond back from R3->R2->R1. Is R2 convert DESTINATION ip from 23.23.23.2 to 1.1.1.1 again ?

        If yes, How R2 know to send traffic toward R1 loopback 1.1.1.1 ?

    See this output:

    R1#telnet 3.3.3.3 /source-interface lo0
    Trying 3.3.3.3 ... Open


    User Access Verification

    Password:
    R3>en
    Password:
    R3#show tcp brief
    TCB       Local Address           Foreign Address        (state)
    63FC2334  3.3.3.3.23              23.23.23.2.11111       ESTAB
    !
    R3#telnet 23.23.23.2 /source-interface lo0
    Trying 23.23.23.2 ... Open


    User Access Verification

    Password:
    R1>en
    Password:
    R1#show tcp brief
    TCB       Local Address           Foreign Address        (state)
    63FC2B18  1.1.1.1.23              3.3.3.3.27124          ESTAB

    I hope this clears your dobut!

    HAPPY STUDY

    [:D]

Sign In or Register to comment.