Cisco IOS Command Overview – Network Address Translation (NAT)

Cisco IOS Command Overview – Show IP NAT translation

Frustrated because you cannot understand NAT?  Was just reading a blog post on NAT and was reminded how much difficultly I had with Network Address Translation (NAT) when I was just starting out on my career as a Cisco networks engineer.  First off, the official Cisco notes – How NAT works.  Feeling confused after reading it?  For most part the official Cisco notes well as the CCNA books I recommended in the previous posts are excellent resources.  However, one of the most confusing topics for the beginning CCNA networks engineer are the 4 crucial NAT terms – inside local, inside global, outside local and outside global.  One of the items you must definitely master for your CCNA preparation is definitely NAT, as NAT is one of the features that is extremely well used when you are a CCNA networks engineer.

After NAT has been configured correctly (please see the excellent blog post I mentioned above to find out how), you’ll issue the sh ip nat trans Cisco IOS command to display the translation table, in order to verify that NAT has been configured correctly.  These 4 terms are used to refer to specific IP addresses (and port numbers) involved in the translation.  To understand NAT correctly, it is important to understand what they mean.

It is a good practice to configure the interface facing the internal network as “nat inside” and the interface facing the external network as “nat outside“.  The below 2 diagrams show what the addresses are at various points in the NAT process.

Network Address Translation

Network Address Translation - Outgoing Packet

For outgoing packets:

• Inside Local – This is the untranslated source address
• Outside Local – This is the untranslated destination address
• Inside Global – This is the translated source address
• Outside Global – This is the translated destination address

Network Address Translation - Incoming Traffic

For incoming traffic (to make this easier to understand the diagram depicts return traffic):

• Outside Global – This is the untranslated source address
• Inside Global – This is the untranslated destination address
• Outside Local – This is the translated source address
• Inside Local – This is the translated destination address

I hope this has been helpful.  Please follow me on twitter (@savvynetcert) and drop me a note to let me know if you liked this post.  Feel free to subscribe to my RSS feed and so you won’t miss a single post.

Cheers,
Francis (SavvyNetCert.Com)

Technorati Tags: cisco command, cisco commands, cisco ios command, Cisco IOS Commands