Nat Types; Dynamic Nat - Cisco Catalyst 6500 Series Configuration Manual

Chapter 9 Configuring Network Address Translation
Figure 9-1
sends a packet to a web server, the local source address of the packet is changed to a routable global
address. When the server responds, it sends the response to the global address, and the FWSM receives
the packet. The FWSM then translates the global address to the local address before sending it on to
the host.
Figure 9-1
Source Addr Translation
10.1.2.27
See the following commands for this example:
FWSM/contexta(config)# nat (inside) 1 10.1.2.0 255.255.255.0
FWSM/contexta(config)# global (outside) 1 209.165.201.1-209.165.201.15

NAT Types

You can implement address translation as dynamic NAT, Port Address Translation (PAT), static NAT, or
static PAT or as a mix of these types. You can also bypass NAT. See the following sections for
information about each type:
•
•
•
•
•

Dynamic NAT

Dynamic NAT translates a group of local addresses to a pool of global addresses that are routable on the
destination network. The global pool can include fewer addresses than the local group. When a local host
accesses the destination network, the FWSM assigns it an IP address from the global pool. Because the
OL-6392-01
shows a typical NAT scenario, with a private network on the inside. When the inside host
NAT Example
Originating
Packet
209.165.201.10
Dynamic NAT, page 9-3
PAT, page 9-4
Static NAT, page 9-5
Static PAT, page 9-5
Bypassing NAT, page 9-7
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
Web Server
www.cisco.com
Outside
209.165.201.2
FWSM
209.165.201.10
10.1.2.1
Inside
10.1.2.27
NAT Overview
Responding
Packet
Dest Addr Translation
10.1.2.27
9-3