Datasheet
Lab – Configuring Dynamic and Static NAT
© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 8 of 15
Inside interfaces:
GigabitEthernet0/1
Hits: 16 Misses: 0
CEF Translated packets: 285, CEF Punted packets: 0
Expired translations: 11
Dynamic mappings:
-- Inside Source
[Id: 1] access-list 1 pool public_access refcount 4
pool public_access: netmask 255.255.255.224
start 209.165.200.242 end 209.165.200.254
type generic, total addresses 13, allocated 2 (15%), misses 0
Total doors: 0
Appl doors: 0
Normal doors: 0
Queued Packets: 0
Gateway# show ip nat translation
Pro Inside global Inside local Outside local Outside global
icmp 209.165.200.243:512 192.168.1.20:512 192.31.7.1:512 192.31.7.1:512
--- 209.165.200.243 192.168.1.20 --- ---
icmp 209.165.200.242:512 192.168.1.21:512 192.31.7.1:512 192.31.7.1:512
--- 209.165.200.242 192.168.1.21 --- ---
Note: This is only a sample output. Your output may not match exactly.
Reflection
1. Why would NAT be used in a network?
_______________________________________________________________________________________
_______________________________________________________________________________________
_______________________________________________________________________________________
Answers will vary, but should include: whenever there are not enough public IP addresses and to avoid the
cost of purchasing public addresses from an ISP. NAT can also provide a measure of security by hiding
internal addresses from outside networks.
2. What are the limitations of NAT?
_______________________________________________________________________________________
_______________________________________________________________________________________
_______________________________________________________________________________________
NAT needs IP information or port number information in the IP header and TCP header of packets for
translation. Here is a partial list of protocols that cannot be used with NAT: SNMP, LDAP, Kerberos version 5.