NAT (Network Address translation) is used to translate the private IP address to public IP address and vice versa.

Most organizations have a limited amount of public IPs as the companies have to pay for it. So, we generally use private IP range in the internal networks. However, if the internal network wants to communicate with the public network, it is not possible since the private IP address can’t recognize the public IP address. Hence, it can’t communicate. To overcome this issue, we use NAT. As the traffic goes out of the internal network, all this internal traffic is assigned a public IP address. This is how the communication becomes possible with the public networks, such as internet.

Within an organization, a large number of devices access the public network. So even though the public IP addresses are not expensive but it is just not feasible to do one to one translation with the public IPs. Besides, organizations would have to buy a large range of public IP addresses for its network. To solve this problem, Nat is often is used with Pat (Port Address Translation). While translating the IP address of the internal network traffic, a port number is assigned to the traffic to distinguish the traffic originating from different systems in the network. This allows multiple systems to access the public network with the use of just one pubic IP.

Although IPv6 provides large number of IP addresses and its practically impossible to run out of IP addresses, if we use IPv6 addresses however NAT with PAT allows organization to continue using the old IPv4 addresses, which is beneficial for small organizations as they do not have to upgrade their network devices nor they have to hire professional to configure devices with IPv6 however this is also preventing the large scale use of IPv6 all over the world.

So, in this lab we will configure Nat with Pat.

First of all, we have to label the interfaces of the router with Nat Inside and Nat Outside. This would let us know the interfaces that are handling the traffic from internal as well as the public network. After that, we have to create an access list to allow a range of IP addresses that needs to be translated to public IP with the help of NAT. And finally, we will enter a command that will take the IP addresses from the access list to be translated into public IP before communicating with the public network. Using ‘overload’ at the end of the command will enable PAT, and the router will able to perform port address translation as well.


NAT overload configuration in packet tracer


Lab Tasks

1. label the interfaces
2. create a access list to allow network to be translated
3. Enable NAT with PAT

Lab Configuration

Task 1

Router(config)#interface fastethernet 0/0

Router(config)#ip nat inside

Router(config)#interface fastethernet 0/1

Router(config)#ip nat outside

Task 2

Router(config)#access-list 1 permit

Task 3

Router(config)#ip nat inside source list 1 interface fastethernet 0/1 overload