Network Address Translation (NAT) allows you to connect a private network to the Internet without obtaining registered addresses for every host. Private addresses are translated to the public address of the NAT router. NAT can be used to provide a measure of security for your private network, or to provide Internet connectivity with a limited number of registered
As you work with NAT, it's important to understand the following terminology.
Inside The inside network is the private network
A router interface that connects to the private network is also called the inside interface.
Outside The outside network
is the public network (the Internet).
A router interface that connects to the public network is also called the outside interface.
Inside local address
The inside local address is the IP address of the host on the inside network.
Inside global address
The inside global address is the IP address of the host after it has been translated for use on the Internet. The term global refers to the registered IP address that identifies the inside host on the Internet.
Outside global address
The outside global address is an IP address of an Internet host. For example, when you visit a Web site, your computer will use the global outside address to contact the Web server.
Outside local address
An outside local address is an outside global address that has been translated for inside (or private) use. In other words, the NAT router translates an Internet host IP address into a private IP address. Instead of using the Web server address, the internal computer will use the translated address instead.
When you configure NAT, you have the following options on a Cisco router.
With static NAT, each inside host IP address is manually associated with a registered IP address. In other words, you manually map an inside local address to an inside global address.
Dynamic NAT is just like static NAT, except that the address mappings are done automatically. The NAT router has a pool of inside global IP addresses that it uses to map to inside local addresses.
Overload with Port Address Translation (PAT)
Overloading is the process of assigning multiple inside local addresses to a single inside global address. Port numbers are used to identify specific inside local hosts. The port number is appended to the inside global IP address.
When you configure NAT, be sure to use an IP address in the private IP address ranges for the inside local IP addresses. Otherwise, hosts on your network might not be able to access outside hosts with the same IP address. A Cisco router can be configured to overcome this problem, but the configuration is difficult.
Private IP addresses do not need to be registered, and fall within the following ranges:
• 10.0.0.0 to 10.255.255.255
• 172.16.0.0 to 172.31.255.255
• 192.168.0.0 to 192.168.255.255