Command
IP nat inside source list
Use
This command is used to specify an access-list that matches which IPs should be translated.
Syntax
R1(config)#ip nat inside source list <access-list> <pool or interface> overload
Options
| <pool> | Specifies what NAT Pool to use. |
| <interface> | Tells NAT to use the IP address on a given interface instead of a pool |
| <overload> | Tells NAT to overload a single IP address so it can support numerous translations. |
Example
In this example, we will remove all routing protocols on R2. Afer that, using NAT, we will restore reachbility so that R1 can ping 10.2.2.3
router eigrp 100 network 10.1.1.2 0.0.0.0 no auto-summary router ospf 1 log-adjacency-changes network 10.2.2.0 0.0.0.255 area 0 router rip version 2 network 2.0.0.0 network 10.0.0.0 no auto-summary R2(config-if)#no router rip R2(config)#no router eigrp 100 R2(config-if)#no router ospf 1 R1(config)#ip route 0.0.0.0 0.0.0.0 10.1.1.2 R1(config)#do ping 10.2.2.3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.2.2.3, timeout is 2 seconds: ….. Success rate is 0 percent (0/5)
Now we will configure NAT using a pool of 10.2.2.5 to 10.2.2.10. Theses addresses will be assigned per session as needed by NAT.
R2(config)#access-list 10 permit 10.1.1.0 0.0.0.255 R2(config)#ip nat pool REACH 10.2.2.5 10.2.2.10 netmask 255.255.255.0 R2(config)#ip nat inside source list 10 pool REACH R2(config)#int fa0/0 R2(config-if)#ip nat inside R2(config-if)#int fa1/0 R2(config-if)#ip nat outside R1(config)#do ping 10.2.2.3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.2.2.3, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 12/39/116 ms R2(config)#do sh ip nat trans Pro Inside global Inside local Outside local Outside global icmp 10.2.2.6:21 10.1.1.1:21 10.2.2.3:21 10.2.2.3:21 — 10.2.2.6 10.1.1.1 — —