How To Configure PAT on Cisco Router in Packet Tracer - Netizzan

How To Configure PAT on Cisco Router in Packet Tracer

In this article, we will explore how to configure PAT on a cisco router.

Network address translation (NAT) is an algorithm used in translating private IP address into a public IP address for connectivity over the internet.

There are two primary types of IP addresses: IPv6 and IPv4. Initially, IPv4 was the predominant addressing scheme. However, with only 4,294,967,296 IPv4 addresses available and the continuous growth of the global population and internet users, the supply of IPv4 addresses is nearly depleted. To address this issue, IPv6 was introduced, offering up to 340,282,366,920,938,463,463,374,607,431,768,211,456 IP addresses. Despite the vast address space of IPV6, transitioning all network devices to IPv6 presents significant challenges.

As a short-term solution to the rapid depletion of IPV4 addresses, classless inter-domain routing (CIDR), network address translation (NAT), and private IP addressing were introduced.

There are three different types of NAT: dynamic NAT, static NAT, and PAT. In this post, we will be focusing on port address translation (PAT). We already have a post on dynamic NAT and also on static NAT. Do check them out if you are curious.

What is PAT?

PAT, which stands for Port Address Translation, is a type of NAT that changes the source or destination port number of a packet. Just like dynamic NAT, PAT allows multiple devices to share a single public IP address by assigning them different port numbers. PAT is also known as NAT overload because it can use one public IP address to serve multiple private IP addresses.

How does PAT work?

PAT works almost the same as dynamic NAT, but with a different approach. PAT assigns a unique port number to each private IP address and then adds it to the mapping table. This means that PAT can use the same public IP address for multiple private IP addresses, as long as they have different port numbers. PAT can also use more than one public IP address to load balance traffic originating from multiple private IP addresses.

Network Topology

The network topology we will be making use of in this post is shown below. As you can see, it consists of a DHCP-enabled router, a cloud symbol representing  internet, and two DHCP clients connecting to the router through a switch.

In this demonstration, we will configure default route to the internet on the router, configure DHCP on the router, and then configure PAT on the router so that the private IP addresses configured on the PCs can be routed to the internet.

network topology for demostrating how to configure PAT

How To Configure PAT on Cisco Router

Here are steps to configure PAT on Cisco router using the network topology above as a case study;

Step 1: Configure the interfaces of the router

Enter the following commands to configure the interfaces of the router;

R1(config)#interface ethernet0/0
R1(config-if)#ip address 10.254.4.70 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface ethernet0/1
R1(config-if)#ip address 192.168.12.1 255.255.255.0
R1(config-if)#no shutdown 
R1(config-if)#exit

Step 2: Create a Default Route to the internet

R1(config)#ip route 0.0.0.0 0.0.0.0 10.254.4.254
R1(config)#do ping 8.8.8.8

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!

If you are curious to learn how to configure default routes and the explanation of the commands, check out our separate post on how to configure default routes on a Cisco router.

Step 3: Configure the DHCP Server

R1(config)#ip dhcp excluded-address 192.168.12.1 192.168.12.10

R1(config)#ip dhcp pool LAN
R1(dhcp-config)#network 192.168.12.0 /24
R1(dhcp-config)#default-router 192.168.12.1
R1(dhcp-config)#dns-server 1.1.1.1 1.0.0.1
R1(dhcp-config)#domain-name cisco.lab
R1(dhcp-config)#exit

If you are curious to learn about each of the above commands, check out our post on how to configure DHCP on Cisco packet tracer.

Step 4: Configure PAT on the Router

Enter the following commands to configure PAT on the router;

R1(config)#access-list 1 permit 192.168.12.0 0.0.0.255
R1(config)#ip nat inside source list 1 interface ethernet0/0 overload
R1(config)#interface ethernet0/0
R1(config-if)#ip nat outside 
R1(config-if)#exit

R1(config)#interface ethernet0/1
R1(config-if)#ip nat inside 
R1(config-if)#exit

Here are brief explanations of each of the above commands:

  1. access-list 1 permit 192.168.12.0 0.0.0.255: This command creates an access control list (ACL) named “1” that permits traffic from the subnet 192.168.12.0 with a subnet mask of 255.255.255.0 on the NAT-Router.
  2. ip nat inside source list 1 interface ethernet0/0 overload: This command configures NAT overload (or PAT) on the router. It tells the router to translate the private IP addresses specified in access list 1 to the public IP address assigned to interface ethernet0/0, enabling multiple private IP addresses to share a single public IP address for outbound traffic.
  3. ip nat outside: This command specifies that interface ethernet0/0 is connected to the outside network (typically the internet) and should be considered as such for NAT purposes.
  4. ip nat inside: This command specifies that interface ethernet0/1 is connected to the inside network (the local network) and should be considered as such for NAT purposes.

Step 5: Verify configuration

To test if PAT configured on the router is working, check if HostA and HostB can both go to the internet by pinging 8.8.8.8, which is an IP on the internet.

Static NAT configuration

Dynamic NAT configuration

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top