Simple NAT config
This has got to be the simplest NAT config possible... I just put it here as a quick reference for when you need to get RFC1918 addresses to reach the internet or if you just need to NAT one direction.
Here we're going to NAT all addresses and interfaces inside R8 with the outside interface IP address of Gig 5/0 We'll use loopbacks 1, 2, and 3 to simulate inside interfaces. Create an ACL to match traffic... in this case, we just want to match everything: R8(config)#ip access-list standard NAT R8(config-std-nacl)#permit any R8(config-std-nacl)#exit Next create the NAT statement... this will use the ACL "NAT" as the source list and NAT everything to the outside interface of Gig 5/0 R8(config)#ip nat inside source list NAT interface gig 5/0 Now tell Gig 5/0 it is an "Outside" NAT interface: R8(config)#inter gig 5/0 R8(config-if)#ip nat outside R8(config-if)#end Now we're going to ping 2.2.2.2 from R8's "inside" IP's, and then look at the NAT translation table. R8#ping 2.2.2.2 source lo 1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds: Packet sent with a source address of 8.1.1.1 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 92/94/96 ms R8#ping 2.2.2.2 source lo 2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds: Packet sent with a source address of 8.2.2.2 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 92/103/124 ms R8#ping 2.2.2.2 source lo 3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds: Packet sent with a source address of 8.3.3.3 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 68/90/108 ms R8#sh ip nat translations Pro Inside global Inside local Outside local Outside global icmp 20.20.20.8:0 8.1.1.1:0 2.2.2.2:0 2.2.2.2:0 icmp 20.20.20.8:1 8.2.2.2:1 2.2.2.2:1 2.2.2.2:1 icmp 20.20.20.8:2 8.3.3.3:2 2.2.2.2:2 2.2.2.2:2 R8# Like I said... this is about as simple as it gets, and you'll probably need to make yours a little more refined, but it should be enough to get you started and give you some basic commands. |