How To Configure Static NAT on Cisco Router In Packet Tracer

In this article, we will explore the process of setting up static NAT on a Cisco router.

Network Address Translation (NAT) is a algorithm that maps private IP addresses with public IP addresses, facilitating internet routing.

There are two primary types of IP addresses: IPV6 and IPV4. Initially, IPV4 served as the primary IP addressing scheme. However, due to the limited availability of only 4,294,967,296 IPV4 addresses and the ever-expanding global population, the surge in internet users has nearly exhausted these addresses. In response, the IPV6 addressing scheme was introduced, supporting up to 340,282,366,920,938,463,463,374,607,431,768,211,456 IP addresses. Despite this huge address, migrating all existing network devices to this new addressing scheme poses a considerable challenge.

As a short-term solution to the rapid depletion of IPV4 addresses, classless inter-domain routing (CIDR), network address translation (NAT), and private IP addressing were introduced.

NAT, as an algorithm, enables organizations to configure private IP addresses that do not need to be unique across the internet for their network devices. Devices with private Ip address can communicate locally but for them to communicate with other devices on the internet, the private IP address need to be translated to a public IP address using a NAT-enabled-router, which serves as the default gateway to the host devices.

There are three distinct types of NAT: static NAT, dynamic NAT, and PAT (Port Address Translation). Today, our focus will be on configuring static NAT on a Cisco router.

Private and public IP addresses

IP version 4 (IPV4) is further divided into two different types: public and private IP addresses.

Public IP addresses are IP addresses that are unique over the internet. This address allows devices to exchange information over the internet.

Private IP addresses, on the other hand, are local IP addresses that do not need to be unique. These IP address ranges are used only within a locality, and for traffic from these addresses to transverse to the internet, they need to be mapped to a public IP address using the network address translation scheme.

The following are the private IPv4 addresses available for use, as defined in the RFC document:

  • 10.0.0.0 to 10.255.255.255.255
  • 172.16.0.0 to 172.255.255.255
  • 192.168.0.0 to 192.168.255.255

Network Topology

As shown in the image below, the network topology we will be making use of comprise of a Cisco router, two host devices existing on the local area network and a server residing over the internet. We will be configuring static NAT to map 192.168.1.2 – -> 100.0.0.4 and 192.168.1.3 – -> 100.0.0.5.

Note; 192.168.1.2 and 192.168.1.3 are private IP addresses assigned to the two host existing on the LAN. They are the two Inside local IP addresses.

100.0.0.4 and 100.0.0.5 on the other hand are the two public IP addresses that will mapped to the two inside local IP addresses. These two IP addresses are the two inside global IP address.

network topology comprising of router, switch and host devices

How To Configure Static NAT on Cisco Router

The steps to configure NAT involve;

  • Mapping private internal IP address with public global address(192.168.1.2 – -> 100.0.0.4 and 192.168.1.3 – -> 100.0.0.5 in this case).
  • Configuring the Router interface taking part in the NAT as either inside or outside with respect to NAT. In the network above, G0/0/0 is the inside interface while the G0/0/1 is the outside interface.

Step 1: Mapping private internal IP address with public global address

Here are commands to map the private IP with the Public Ip for the network topology shown above;

R1>en
R1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#ip nat inside source static 192.168.1.2 100.0.0.4
R1(config)#ip nat inside source static 192.168.1.3 100.0.0.5

Step 2: Configuring the Router interface taking part in the NAT

Here are commands to configure the router interface taking part in the NAT for the network topology above;

R1(config)#int g0/0/0
R1(config-if)#ip nat inside
R1(config-if)#int g0/0/1
R1(config-if)#ip nat outside

Step 3: Test the configuration

To test the NAT configuration, we need to enter the following command:

R1#show ip nat translations

When we entered the above command on our network, we saw the following configuration;

show ip nat translations

Note: The fields for Outside Local and Outside Global are empty because the server is not connected to any NAT-enabled router; if it were connected to a NAT-enabled router, the two fields would assume the IP address configured on the router.

We have recreated the network topology as shown below;

network topology comprising of two routers and Host devices

In the network above, we have configured RIP

on the two routers and also configured NAT on the second Router with ” ip nat inside source static 192.168.2.2 100.0.0.7″ and when we ran the “show ip nat translations” command, we obtained the result below;

show ip nat translations

Note: After NAT configuration on the two routers, you need to ping from one of the PC to the server before running the “show ip nat translations” command to obtain similar result in the imange above.

Related:

Dynamic NAT configuration

PAT Configuration

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top