Your explaination is EXCELLENT. However, I would like to add that by
using PAT (PortAddress Translation), some applications like H323 will
have problem because those applications sometime require specific inbound
port. I've had first-hand experience withCisco PIX when trying to do
PAT. >From: "Circusnuts" >Reply-To: "Circusnuts" >To:
[EMAIL PROTECTED] >Subject: Re: NAT (long reply) [7:11252] >Date: Sat,
7 Jul 2001 11:28:27 -0400 > >I believe you are referring to NAT Overload,
which is also know as PAT (Port >Address Translation). I found little
information from CCO (most was related >to the cable modem IOS) & it took
me quite some time to write my last >config. With PAT you have one (or
very few Global IP addresses) & many >Private inside addresses. This is
generally the case with a home network or >small business where the user
cannot get or does not want to pay for extra >IP addresses. The router is
actually ear-marking or mapping the private IP >address (via port
spoofing) when leaving the router under the 1 Global IP. >By tagging or
earmarking, the router knows what local Private address owns >the TCP
session taking place (among many) on the 1 Global IP. The commands >in
the config that allow you to do this are: > >ip nat pool Circusnuts
24.x.x.1 24.x.x.1 netmask 255.255.255.0 >ip nat inside source list 1 pool
Circusnuts overload > >If you notice, the range given above is one IP
(24x.x.1 to 24.x.x.1) address >space in size. The router is instructed to
use Overload (to start Port >Spoofing) if that range of the 1 Global IP
is ever exceeded by the inside >Private addressing requirements. To watch
this take place in your config, >the commands are Show IP NAT Statistics
& Show IP NAT Translation. > >2621#sh ip nat stat >Total active
translations: 3 (0 static, 3 dynamic; 3 extended) >Outside interfaces: >
FastEthernet0/1 >Inside interfaces: > FastEthernet0/0 >Hits: 47215
Misses: 1478 >Expired translations: 1475 >Dynamic mappings: >-- Inside
Source >access-list 1 pool Circusnuts refcount 3 > pool Circusnuts:
netmask 255.255.255.0 > start 24.x.x.1 end 24.x.x.1 > type generic, total
addresses 1, allocated 1 (100%), misses 2 > >2621#sh ip nat trans >Pro
Inside global Inside local Outside local Outside global >tcp
24.x.x.1:2486 10.1.1.2:2486 207.46.145.36:80 207.46.145.36:80 >tcp
24.x.x.1:2483 10.1.1.2:2483 207.46.145.36:80 207.46.145.36:80 >tcp
24.x.x.1:2485 10.1.1.2:2485 207.46.179.71:80 207.46.179.71:80 >tcp
24.x.x.1:2480 10.1.1.2:2480 207.46.179.71:80 207.46.179.71:80 >tcp
24.x.x.1:2484 10.1.1.2:2484 64.232.139.99:80 64.232.139.99:80 >udp
24.x.x.1:2481 10.1.1.2:2481 24.5.80.33:53 24.5.80.33:53 >udp
24.x.x.1:2482 10.1.1.2:2482 24.5.80.33:53 24.5.80.33:53 >udp
24.x.x.1:2479 10.1.1.2:2479 24.5.80.33:53 24.5.80.33:53 > >Does this
makes sense ??? >Phil > > >----- Original Message ----- >From: "a. ahmad"
>To: >Sent: Saturday, July 07, 2001 8:37 AM >Subject: NAT [7:11245] > > >
> hi, > > can any one describe NAT Function in detail (many-to-one). > >
misconduct and Nondisclosure violations to [EMAIL PROTECTED]
------------------------------------------------------------------------
Get your FREE download of MSN Explorer at http://explorer.msn.com
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=11282&t=11252
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
