Friday, December 31, 2010

Network Address Translation

Private IP Addresses: RFC 1918

The following table lists the address ranges as specified in RFC 1918 that can be used by anyone as internal private addresses. These will be your “inside-the-LAN” addresses that will have to be translated into public addresses that can be routed across the Internet. Any network is allowed to use these addresses; however, these addresses are not allowed to be routed onto the public Internet.
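The check below is an added example, not part of the original post. It encodes the three RFC 1918 blocks (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) and scans flow records from the outside interface of a NAT router for source addresses that left without being translated. The flow format, the sample records and the function names are assumptions made for the illustration.

```python
import ipaddress

# The three private blocks defined by RFC 1918.
RFC1918_BLOCKS = [ipaddress.ip_network(n) for n in
                  ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: flows seen on the outside (public-facing) interface
# of a NAT router, one "src -> dst" pair per line. Not real traffic.
SAMPLE_OUTSIDE_FLOWS = """\
198.51.100.7 -> 203.0.113.10
192.168.1.44 -> 203.0.113.10
172.32.0.5 -> 203.0.113.25
10.20.30.40 -> 198.51.100.99
172.31.255.254 -> 203.0.113.25
"""

def rfc1918_block(addr):
    """Return the RFC 1918 block containing addr, or None if it is not private."""
    ip = ipaddress.ip_address(addr)
    for block in RFC1918_BLOCKS:
        if ip in block:
            return block
    return None

def untranslated_sources(flow_text):
    """List (source, block) for flows that left with a private source address."""
    leaks = []
    for line in flow_text.splitlines():
        if "->" not in line:
            continue  # skip blank or malformed lines
        src = line.split("->")[0].strip()
        block = rfc1918_block(src)
        if block is not None:
            leaks.append((src, str(block)))
    return leaks

if __name__ == "__main__":
    for src, block in untranslated_sources(SAMPLE_OUTSIDE_FLOWS):
        print(f"untranslated private source {src} (in {block})")
```

Note that 172.32.0.5 is not flagged: the 172.16.0.0/12 block ends at 172.31.255.255, a boundary that is easy to get wrong when writing filters by hand.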



Configuring Dynamic NAT: One Private to One Public Address Translation




Configuring PAT: Many Private to One Public Address Translation


All private addresses use a single public IP address and numerous port numbers for translation.




NOTE: You can have an IP NAT pool of more than one address, if needed. The syntax for this is as follows:

Corp(config)#ip nat pool scott 64.64.64.70 64.64.64.128 netmask 255.255.255.128

You would then have a pool of 63 addresses (and all of their ports) available for translation.


Configuring Static NAT: One Private to One Permanent Public Address Translation


CAUTION: Make sure that you have in your router configurations a way for packets to travel back to your NAT router. Include a static route on the ISP router advertising your NAT pool and how to travel back to your internal network. Without this in place, a packet can leave your network with a public address, but it will not be able to return if your ISP router does not know where the pool of public addresses exists in the network. You should be advertising the pool of public addresses, not your private addresses.


Verifying NAT and PAT Configurations



Troubleshooting NAT and PAT Configurations