What is Static NAT and how to configure Static NAT in Cisco Router

What is Static NAT

Static NAT uses the mapping of one-to-one global (public address) and local (private) addresses, and this one-to-one mapping remains constant. For hosts and web servers it is practically useful that have an address consistent and from the Internet which is accessible.

Mapping of private and public IP addresses, and from the public network is required to support inbound connections into the private network. For the definition of each private IP address (local), there has to be an associated unique globally (public) address.

What is NAT

Several short-term solutions were developed to cope with the depletion of IPv4 addresses. One solution in the short term is to NAT (Network Address Translation) and private addresses. Inside the network NAT enables the hosts to borrow a legitimate Internet IP address while accessing the Internet resources.

The legitimate IP address is available and repurposed for the next Internet request by an inside host when the requested traffic returns. One or a few IP addresses for the router a network administrators only need to provide to the hosts, instead of for every client one unique IP address for joining the network.

In RFC 3022 NAT is defined, and it has many uses but allows networks to use private IP addresses, its key use is to conserve IP addresses. Private, internal, and non-routable addresses are translated by NAT into public and routable addresses. The working of NAT is similar to a natural firewall because from outside the networks it hides the internal IP addresses.

NAT translation has two types Static NAT and Dynamic NAT.

How to Configure Static NAT

How to Configure Static NAT

Configuring the Router R1 Interfaces

Router> enable

Router# configure terminal

Enter configuration commands, one per line. End with CNTL / Z.

Router (config) # hostname R1

R1 (config) # interface serial 0/1/0

R1 (config-if) # ip address 8.0.0.1 255.0.0.0

R1 (config-if) #clock rate 64000

R1 (config-if) #keepalive 10

R1 (config-if) #no shutdown

%LINK-5-CHANGED: Interface Serial0/1/0, changed state to down

R1 (config-if) #exit

R1 (config) # interface fastethernet0/0

R1 (config) # int fa0/0

R1 (config-if) # ip address 192.168.1.15 255.255.255.0

R1 (config-if) #no shutdown

Interface Status up

R1 (config-if) #end

R1#

Configuring the Router R2 Interfaces

Router> enable

Router# configure terminal

Enter configuration commands, one per line. End with CNTL / Z.

Router (config) # hostname R2

R2 (config) # interface serial 0/1/0

R2 (config-if) # ip address 8.0.0.2 255.0.0.0

R2 (config-if) #keepalive 10

R2 (config-if) #no shutdown

Interface Status up

R2 (config-if) #exit

R2 (config) # interface serial 0/1/1

R2 (config-if) # ip address 9.0.0.1 255.0.0.0

R2 (config-if) #keepalive 10

R2 (config-if) #clock rate 64000

R2 (config-if) #no shutdown

%LINK-5-CHANGED: Interface Serial0/1/1, changed state to down

R2 (config-if) #end

R2#

Configuring the ISP Router R3 Interfaces

Router> enable

Router# configure terminal

Enter configuration commands, one per line. End with CNTL / Z.

Router (config) # hostname R3

R3 (config) # interface serial 0/1/1

R3 (config-if) # ip address 9.0.0.2 255.0.0.0

R3 (config-if) #keepalive 10

R3 (config-if) #no shutdown

Interface Status up

R3 (config-if) #exit

R3 (config) # interface fastethernet0/0

R3 (config) # int fa0/0

R3 (config-if) # ip address 192.168.2.15 255.255.255.0

R3 (config-if) #no shutdown

Interface Status up

R3 (config-if) #end

R3#

Router R1, R2, and ISP R3 Routing Table

Router R1

R1# show ip route

IP Route Status

R1#

Router R2

R2# show ip route

IP Route Status

R2#

ISP Router R3

R3# show ip route

IP Route Status

R3#

Completing Routing Tables of Routers R1, R2, and ISP R3

Router R1

R1# configure terminal

R1 (config) # ip route 9.0.0.0 255.0.0.0 8.0.0.2

R1 (config) # ip route 192.168.2.0 255.255.255.0 9.0.0.2

Router R2

R2# configure terminal

R2 (config) #ip route 192.168.2.0 255.255.255.0 9.0.0.2

R2 (config) #ip route 192.168.1.0 255.255.255.0 8.0.0.1

ISP Router R3

R3# configure terminal

R3 (config) #ip route 8.0.0.0 255.0.0.0 9.0.0.1

R3 (config) #ip route 192.168.1.0 255.255.255.0 8.0.0.1

R3#

Router R1, R2, and ISP R3 Routing Table

Router R1

R1# show ip route

IP Route Status

R1#

Router R2

R2# show ip route

IP Route Status

R2#

ISP Router R3

R3# show ip route

IP Route Status

R3#

Configuring the Static NAT on Router R1

R1#show ip nat translations

Note: There are no NAT translations still.

R1# configure terminal

R1 (config) #ip nat

IP NAT Options

R1 (config) #ip nat inside?

IP NAT Source

R1 (config) #ip nat inside source?

IP NAT Source Options

R1 (config) #ip nat inside source static?

IP NAT Source Static Options

R1 (config) #ip nat inside source static 192.168.1.1?

A.B.C.D Inside global IP address

IP NAT Source Static IP Address

R1 (config) #

Applying Static NAT on Router R1

R1 (config) #interface fastEthernet 0/0

R1 (config-if) #ip nat inside

R1 (config-if) #exit

R1 (config) #interface serial 0/1/0

R1 (config-if) #ip nat outside

R1 (config-if) #end

R1#

Verification

R1# show ip nat translations

IP NAT Translation

R1# debug ip nat

IP NAT debugging is on

R1#ping 192.168.2.1

Successful Ping

Verification from PC2

PC 2> ping 192.168.2.1

Successful Ping

Note: After pings the destination IP address from PC 1 and opening the Router R1, then it will show as follows after IP NAT debugging on command in the Privileged Mode.