NAT Comparison

Dynamic NAT
8.2
global (outside) 1 192.1.20.51-192.1.20.70
nat(inside) 1 10.11.11.0 255.255.255.0
------------------------------------------------------------8.4
object network pool10.11.11.0
range 192.1.20.51 192.1.20.100
!
object network net-10.11.11.0
subnet 10.11.11.0 255.255.255.0
nat (ins,out) dynamic pool10.11.11.0
=============================================
Dynamic PAT - With Address
8.2
global (outside) 1 192.1.20.11
nat (inside) 1 10.1.1.0 255.255.255.0
--------------------------------------------------------8.4
object network NET-10.11
subnet 10.1.1.0 255.255.255.0
nat (inside,outside) dynamic 192.1.20.11
=============================================
Dynamic PAT - With Interface
8.2
---global (outside) 1 interface
nat (inside) 1 10.1.1.0 255.255.255.0
!
8.4
---------------------object network NET-10.11
subnet 10.1.1.0 255.255.255.0
nat (inside,outside) dynamic interface
=============================================
Dynamic NAT with PAT combination
----------------------------------------------------------------8.2
global (outside) 1 192.1.20.51-192.1.20.99
global (outside) 1 192.1.20.100
nat (ins) 1 10.11.11.0 255.255.255.0
8.4
object network POOL1
range 192.1.20.51 192.1.20.99
!
host 192.1.20.100
!
object-group network NAT-PAT-POOL
network-object object POOl1
network-object object POOl2
!
subnet 10.11.11.0 255.255.255.0
nat (inside,outside) dynamic NAT-PAT-POOL
=============================================
Dynamic NAT with PAT Interface Backup
--------------------------------------------------------------------------8.2
global (outside) 1 192.1.20.51-192.1.20.99
global (outside) 1 interface
nat (ins) 1 10.11.11.0 255.255.255.0
8.4
range 192.1.20.51 192.1.20.99
!
subnet 10.11.11.0 255.255.255.0
nat (inside,outside) dynamic POOL1 interface
=============================================
Static NAT
----------------------------------------------------------8.2
static (dmz,out) 192.1.20.11 192.1.168.1.11
static (dmz,out) 192.1.20.12 192.1.168.1.12
static (dmz,out) 192.1.20.13 192.1.168.1.13
!
access-list abc permit tcp any host 192.1.20.11 eq 80
access-list abc permit udp any host 192.1.20.13 eq 53
!
access-group abc in interface outside
----------------------------------------------------------------8.4
object network WWW-S1
host 192.168.1.11
nat (dmz,outside) static 192.1.20.11
!
object network EMAIL-S1
host 192.168.1.12
!
object network RDP-S1
host 192.168.1.13
!
!
=============================================
Static PAT
------------------------------------------------------8.2
!
static (dmz,out) tcp 192.1.20.11 8080 192.168.1.15 80
!
!
!
8.4
!
object network WWW-S2
host 192.168.1.15
nat (dmz,outside) static 192.1.20.11 service tcp 80 80
!
object network EMAIL-S2
host 192.168.1.16
nat (dmz,outside) static 192.1.20.11 service tcp 25 25
!
object network DNS-S2
host 192.168.1.17
nat (dmz,outside) static 192.1.20.11 service udp 53 53
!
!
!
=============================================
Lab 8 - Identity NAT
------------------------------------------------8.2
----static (ins,out) 199.1.1.1 199.1.1.1
!
8.4
-------object network R1
host 199.1.1.1
nat (inside,outside) static 199.1.1.1
=============================================
DNS Doctoring
-----------------------------8.2
-----static (ins,outside) 192.1.20.80 10.11.11.80 dns
!
8.4
-----object network MYWEB
host 10.11.11.80
nat (inside,outside) static 192.1.20.25 dns
=============================================
Destination NAT with 2 Statements
8.2
----static (dmz,outside) 1 192.1.20.22 192.168.1.99
static (outside,dmz) 1 192.168.1.98 199.1.1.1
!
access-list abc permit ip host 199.1.1.1 host 192.1.20.22
!
access-group in interface outside
8.4
----object network MYMF
host 192.168.1.99
nat (dmz,out) static 192.1.20.22
!
object network REMOTEMF
host 199.1.1.1
nat (out,dmz) static 192.168.1.98
access-list abc permit ip host 192.168.1.98 host 192.168.1.99
!
access-group in interface outside
=============================================
Policy Nat(dual nat/twice nat)
================
8.2
access-list a permit ip host 10.11.11.1 host 2.2.2.2
static (ins,out) 192.1.20.101 accesslist a
!
access-list b permit ip host 10.11.11.1 host 192.1.20.2
static (ins,out) 192.1.20.101 access-list b
!
8.4
----object network r1
host 10.11.11.1
!
object network h199
host 199.1.1.1
!
object network h200
host 200.1.1.1
!
object network r1-199
host 192.1.20.30
!
object network r1-200
host 192.1.20.31
!
nat (ins,out) source static r1 r1-199 destination static h199
nat (ins,out) source static r1 r1-200 destination static h200

NAT Comparison

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

NAT Comparison

Uploaded by

Copyright:

Available Formats

Dynamic NAT

You might also like