Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PAT config question

Status
Not open for further replies.

skk391

Technical User
Mar 3, 2009
332
GB
I have a question.

I am currebtly studing for my ICDN 2 exam and have a question regarding PAT config.

I have two main sourcea, on of the sources states that I need to carry out the following config to setup PAT, the configure goes something like this :

config t
int e 0
ip nat inside
int s 0
ip nat outside
access-list 1 permit 10.1.1.0 0.0.0.255
ip nat inside source list 1 interface s 0 overload


but the other config is asking me to setup address pool stating my external address and then ;

ip nat inside source list 1 pool testpool overload

My question is which methos is the recommended method and which one whill be tested on the exam? If the answer is both then how do you config the first example to use a range of global inside addresses,because at the moment I see that that I have pointed the router to int s 0 which will be configured with only one ip address assigned to it..

Thanks
 
Follow this link:


You will need to have a Cisco login in order to see it. There are so many ways to configure NAT and many differentr circumstances. This is always the best place to start with NAT or any other IOS technology for that matter(DOC-CD).

As for what will show up on your test, your guess is a good as mine. No one will tell you directly though, thats for sure as they are not allowed. If the technology shows up in the outline for the test on CCO then I would know about it.
 
I've not encountered using the interface before in any examples, labs or exams. I would assume that it would try and use the address of the interface only as the source.

I'll answer it with the answer my lectuerers always gave when I thought they were avoiding the question, why not lab it and see what happens :)?
 
I think that if you have a range of inside global access then you can use a NAT pool even if you are configuring PAT. But since PAT is used so that you do not have to have many external IP addresses the interface command is usually used because this will only have the one ip address assigned to it. I understand both techniques but just dont want to use the wrong one in the exam....

Thanks

 
The way it was taught to me is that you declare your inside and outside interfaces first.

It probably doesn't matter if you do or not, but the issue is many many people have made the mistake of doing all their NAT pool and what not and having it not work. They bang their heads against the wall trying to get the pool to work when the whole time they just need to define their interfaces
 
My understanding is that, classicaly, for PAT (or overload NAT or some even call it Interface NAT -if applicable), you don't set up a pool because typically you are using one address...since there are sooo many random port#s to use (65,000+), there's really not much value in using a second address, hence the "other" config with the pool would less correct than the one referencing the interface.
Some think of this, even, as "overloading" the interface.

From a test perspective, I do believe that only Dyamic PAT would need to reference IP Pools.

Classic PAT should not.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top