
Network Address Translation (NAT)

NAT?
Network Address Translation (NAT) allows for multiple network hosts to share the same external IP address.
There are two types of outbound NAT or source NAT:

1. MASQUERADE
○ Works with a dynamic source IP address. It is useful for servers with dynamic IP addresses.
2. SNAT (Source NAT)
○ Works with a static source IP address. It is less complex than MASQUERADE.

There is also a form of inbound or destination NAT (DNAT). DNAT allows for services to be behind a bastion
host and to be easily load-balanced to different hosts.
(Linux Foundation LFS211)

NAT using iptables
● Install iptables
○ # apt install iptables
● Masquerade
○ # iptables -t nat -A POSTROUTING -o enp0s8 -s 192.168.1.0/24 -j MASQUERADE
● SNAT
○ # iptables -t nat -A POSTROUTING -o enp0s8 -s 192.168.1.0/24 -j SNAT --to-source 202.121.100.2

Lab

● Create Source NAT for Host to Reach Server via Router


LAB ITNSA
● Enable port NAT in NF to allow EDGE1, EDGE2, and Internal Servers to reach public network (H1).
● Do not route traffic from public network.
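
The MASQUERADE and SNAT rules from the iptables slide, combined with a FORWARD policy that forwards only connections started from the internal network, as one way to meet the lab's "do not route traffic from public network" requirement. This is an added example, not part of the original slides. The function name `nat_ruleset` and the `APPLY` switch are hypothetical; the interface and addresses are the ones shown above.

```shell
#!/bin/sh
# Added example (not from the slides): build an iptables-restore ruleset for
# source NAT plus stateful forwarding. Names below are illustrative.

# nat_ruleset WAN_IF LAN_CIDR [STATIC_IP]
#   STATIC_IP given -> SNAT to that address; omitted -> MASQUERADE.
nat_ruleset() {
    wan_if=$1 lan=$2 static_ip=${3:-}
    # Reject empty or malformed arguments before they reach a rule line.
    case $wan_if in ''|*[!A-Za-z0-9._-]*) echo "bad interface" >&2; return 1 ;; esac
    case $lan in ''|*[!0-9./]*) echo "bad source network" >&2; return 1 ;; esac
    case $static_ip in *[!0-9.]*) echo "bad SNAT address" >&2; return 1 ;; esac

    if [ -n "$static_ip" ]; then
        target="SNAT --to-source $static_ip"
    else
        target="MASQUERADE"
    fi

    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s $lan -o $wan_if -j $target
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -s $lan -o $wan_if -j ACCEPT
COMMIT
EOF
}

# Default: only print the MASQUERADE ruleset. With APPLY=1 (as root): enable
# forwarding, syntax-check, then load. Loading replaces the current nat and
# filter tables; INPUT/OUTPUT stay ACCEPT because only forwarding is covered.
if [ "${APPLY:-0}" = 1 ]; then
    sysctl -w net.ipv4.ip_forward=1
    nat_ruleset enp0s8 192.168.1.0/24 | iptables-restore --test &&
    nat_ruleset enp0s8 192.168.1.0/24 | iptables-restore
else
    nat_ruleset enp0s8 192.168.1.0/24
fi
```

With the FORWARD policy set to DROP, replies to internal connections pass through the conntrack rule, while new connections arriving from the public side match nothing and are dropped.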
