Network Address Translation V
In this part of NAT we will discuss the last common type of NAT, which
is Static NAT. we will also discuss some of the features and special services
on NAT. The discussion ends with a brief overview of SNAT (state-full Network
Address Translation)
Static NAT:
Now let’s suppose we have our email server on 192.168.4.1/24 on R1.
Suppose we want to create a static NAT entry to for SMTP (simple mail transfer
protocol) on this server, so that it can communicate with the outside world and
its SMTP service should be accessible from outside as well.
It is achieved by enabling
Static NAT on R2; we just need to issue the following command in global
configuration mode:
ip nat inside source static
tcp 192.168.4.1 25 interface
Serial1/0 25
Port 25 = SMTP port or email server port
On Port 25 if any packet is
received on our Router R2 interface serial 1/0, it will be forwarded to our
SMPT server 192.168.4.1 and vice versa.
So if we see our NAT translations, we will see a permanent static NAT
entry for TCP port 25 in it:
This entry will not expire from the NAT table after translation
timeout. All dynamic entries are
deleted from the NAT translation table after translation timeout. As we have already discussed, static mapping
is mostly use for server accessibility from outside the local network.
Please remember, STATIC NAT is both way NAT i.e. we can use it for
accessibility from outside our network.
Troubleshooting NAT:
Some of the points we need to keep in mind while troubleshooting NAT:
- Check they dynamic pools, they must
contain correct IP ranges.
- Check if static IPs are overlapping with
the IP pool configured.
- Check if ACL is correctly defined. The
addresses to be mapped are properly specified no address left out.
- Proper inside/outside NAT interfaces are
configured.
Categories:
NAT,
Static NAT
0 comments:
Post a Comment