In this tutorial we will learn how to configure STATIC NAT in router using cisco packet tracer.To show you how to configure static nat on routers here i am using cisco packet tracer software to demonstrate the lab with an example.
Using NAT we can hide real ip address,we can translate private ip address to public ip address and vice versa.As we all know in internet only public ip addresses are used and some ip in every class has been reserved for use in LOCAL AREA CONNECTION say LAN and these ranges of ip are known as Private IP Address.Private Addresses can only be used in LAN and it can’t be used in internet.But our PC with private address can communicate with PC or Machine having public ip address using NAT(Network Address Translation).
Now see the list of PRIVATE IP ADDRESS .
Now see the Example Lab Diagram through which we are going to learn how to configure STATIC NAT here.
In above Diagram you can clearly see there are total 3 network used in this topology diagram.
Network 1.0.0.0 which is a public network.
Network 2.0.0.0 which is also a public network.
Network 10.0.0.0 which is a Private Network.
Now you can see above table which clearly show what we are going to do now.We are going to convert above private ip in to their mapping public ip as mentioned in diagram.
STEP-1 Configuration on Router R1
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#host r1
r1(config)#int fa0/0
r1(config-if)#ip add 1.0.0.1 255.0.0.0
r1(config-if)#no shut
r1(config-if)#exit
r1(config)#int se0/0/0
r1(config-if)#clock rate 64000
r1(config-if)#ip add 2.0.0.1 255.0.0.0
r1(config-if)#exit
r1(config)#ip route 3.0.0.0 255.0.0.0 2.0.0.2
Step-2 Configuration on Router R2
Router>enable
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#host r2
r2(config)#int se0/0/0
r2(config-if)#ip add 2.0.0.2 255.0.0.0
r2(config-if)#no shut
r2(config-if)#exit
r2(config)#
r2(config)#int fa0/0
r2(config-if)#ip add 10.0.0.1 255.0.0.0
r2(config-if)#no shut
Step-3 Start configuring Private IP to Public IP
r2(config)#ip route 1.0.0.0 255.0.0.0 2.0.0.1
r2(config)#ip nat inside source static 10.0.0.2 3.0.0.2
r2(config)#ip nat inside source static 10.0.0.3 3.0.0.3
r2(config)#ip nat inside source static 10.0.0.4 3.0.0.4
r2(config)#ip nat inside source static 10.0.0.5 3.0.0.5
r2(config)#exit
r2#config t
Enter configuration commands, one per line. End with CNTL/Z.
r2(config)#int fa0/0
r2(config-if)#ip nat inside
r2(config-if)#exit
r2(config)#int se0/0/0
r2(config-if)#ip nat outside
r2(config-if)#exit
r2(config)#
Step-4 NAT testing and Troubleshooting command.
r2#show ip nat translations
Pro Inside global Inside local Outside local Outside global
— 3.0.0.2 10.0.0.2 — —
— 3.0.0.3 10.0.0.3 — —
— 3.0.0.4 10.0.0.4 — —
— 3.0.0.5 10.0.0.5 — —
You can also see see NAT Statistics using below command.
r2#show ip nat statistics
Now i am on PC1 and trying to communicate or ping with private ip address mentioned above.
PC>ipconfig
FastEthernet0 Connection:(default port)
Link-local IPv6 Address………: FE80::210:11FF:FEA1:9244
IP Address………………….: 1.0.0.3
Subnet Mask…………………: 255.0.0.0
Default Gateway……………..: 1.0.0.1
PC>ping 10.0.0.2
Pinging 10.0.0.2 with 32 bytes of data:
Reply from 1.0.0.1: Destination host unreachable.
Reply from 1.0.0.1: Destination host unreachable.
Reply from 1.0.0.1: Destination host unreachable.
Reply from 1.0.0.1: Destination host unreachable.
Ping statistics for 10.0.0.2:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
You can see it say destination unreachable,it means can’t find that ip.
Learn Linux CCNA CEH IPv6 Cyber-Security Online 
well explained ..thank you very much
but i wanna capture the packet and check the translation of private to public ip add ….. how can i do ?
LikeLiked by 1 person
hey anand!
If you want to capture the packets while conversion puplic ip to private ip or private ip to public ip yu have to use GNS3 software instead of cisco packet tracer and wireshark tool.
LikeLike