-
Inside local address—The IP address assigned to a host on the
inside network. This is the address configured as a parameter of the
computer OS or received via dynamic address allocation protocols such as
DHCP. The address is likely not a legitimate IP address assigned by the
Network Information Center (NIC) or service provider.
-
Inside global address—A legitimate IP address assigned by the
NIC or service provider that represents one or more inside local IP
addresses to the outside world.
-
Outside local address—The IP address of an outside host as it
appears to the inside network. Not necessarily a legitimate address, it
is allocated from an address space routable on the inside.
- Outside global address—The IP address assigned to a host on the outside network by the host owner. The address is allocated from a globally routable address or network space.
Configuring NAT
Step 1 - Define which interfaces are inside or outside using
ip nat { inside | outside }
Step 2 - Configure your flavour of NAT
Inside local -> Inside gobal (Dynamic)
ip nat inside source list <acl> pool <name>
the ACL defines the inside local addresses (RFC1918 generally)
the pool specifies the inside global addresses
Inside local -> Inside global (Static)
ip nat inside source static <Inside-local-ip> <Inside-global-ip>
Outside Global -> Outside Local (Dynamic)
ip nat outside source list <acl> pool <name>
the ACL defines the outside global addresses
the pool specifies the outside local addresses (RFC1918 generally)
Use can used to hide outside global addresses that may have already been used in your internal network.
Outside Global -> Outside Local (Static)
ip nat outside source static <Outside-global-ip> <Outside-local-ip>
No comments:
Post a Comment