14 August, 2014

NAT and its cousin PAT

Network Address Translation (NAT)
Port Address Translation (PAT)

Options:

- NAT one-to-one       Dynamic
- PAT one-to-many      Dynamic
- NAT one-to-one       Static
- PAT Port Forwarding  Static

! Create Access List
R1(config)#access-list 10 permit 1.1.1.1 0.0.0.0
R1(config)#access-list 10 permit 1.1.1.2 0.0.0.0
R1(config)#access-list 10 permit 2.2.2.2 0.0.0.0

! Configure inside and outside interfaces
R1(config)#interface fas 0/0
R1(config-if)#ip nat outside
*Aug 14 13:05:37.367: %LINEPROTO-5-UPDOWN: Line protocol on Interface NVI0, changed state to up
R1(config-if)#interface ser 1/0
R1(config-if)#ip nat inside
R1(config-if)#exit

! Configure NAT Pool
R1(config)#ip nat pool NAT-POOL 192.168.1.50 192.168.1.60 prefix-length 24

! NAT to a Pool of Addresses
R1(config)#ip nat inside source list 10 pool NAT-POOL

! PAT to a Single Address
R1(config)#ip nat inside source list 10 int fas0/0 overload

*Aug 14 13:28:07.495: NAT*: s=8.8.8.8, d=192.168.1.20->1.1.1.1 [0]
R1(config)#no service timestamps
NAT*: s=1.1.1.1->192.168.1.20, d=8.8.8.8 [1634]

! Static NAT
R1(config)#ip nat inside source static 1.1.1.1 192.168.1.100

NAT*: s=8.8.8.8, d=192.168.1.100->1.1.1.1 [0]
NAT*: s=1.1.1.1->192.168.1.100, d=8.8.8.8 [1892]

R1#show ip nat translations
Pro Inside global      Inside local       Outside local      Outside global
icmp 192.168.1.100:10  1.1.1.1:10         8.8.8.8:10         8.8.8.8:10
---  192.168.1.100      1.1.1.1            ---                ---               <<--- STATIC

! Configure Port forwarding
R1(config)#ip nat inside source static tcp 3.3.3.3 80 192.168.1.3 80 extendable

R1#show ip nat translations
Pro Inside global      Inside local       Outside local      Outside global
tcp 192.168.1.3:80     3.3.3.3:80         ---                ---                <<--- STATIC
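
Added example (not part of the original notes): a small Python audit helper that parses "show ip nat translations" output and lists the entries with no outside peer, which is how the rows marked STATIC above appear. Simple dynamic pool entries print the same way, so confirm each hit against the running config. The function names are hypothetical and the sample table is constructed from the two outputs above.

```python
# Constructed sample: the two "show ip nat translations" tables from the notes,
# merged, with the hand-written "<<--- STATIC" annotations removed.
SAMPLE = """\
Pro Inside global      Inside local       Outside local      Outside global
icmp 192.168.1.100:10  1.1.1.1:10         8.8.8.8:10         8.8.8.8:10
---  192.168.1.100      1.1.1.1            ---                ---
tcp 192.168.1.3:80     3.3.3.3:80         ---                ---
"""

def split_endpoint(field):
    """Split 'addr:port' into (addr, port); port is None for a bare address."""
    addr, sep, port = field.partition(":")
    return (addr, int(port)) if sep else (addr, None)

def parse_translations(text):
    """Return one dict per table row, skipping the header and blank lines."""
    rows = []
    for line in text.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] == "Pro":
            continue
        # Only the first five columns are table data; trailing notes are ignored.
        proto, inside_global, inside_local, out_local, out_global = cols[:5]
        g_addr, g_port = split_endpoint(inside_global)
        l_addr, l_port = split_endpoint(inside_local)
        rows.append({
            "proto": None if proto == "---" else proto,
            "inside_global": g_addr, "global_port": g_port,
            "inside_local": l_addr, "local_port": l_port,
            # No outside peer recorded: the entry is not tied to a single flow.
            "unbound": out_local == "---" and out_global == "---",
        })
    return rows

def unbound_exposures(rows):
    """For each unbound entry: (global address, reachable scope, inside host)."""
    found = []
    for r in rows:
        if not r["unbound"]:
            continue
        # A bare address maps every port; addr:port maps one service only.
        scope = "all ports" if r["global_port"] is None else f'{r["proto"]}/{r["global_port"]}'
        found.append((r["inside_global"], scope, r["inside_local"]))
    return found

if __name__ == "__main__":
    for global_addr, scope, local_addr in unbound_exposures(parse_translations(SAMPLE)):
        print(f"{global_addr} ({scope}) -> {local_addr}")
```

The one-to-one static entry reports "all ports" while the port forward reports only tcp/80, which is the difference in exposure between the two static options.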