How To Configure Dynamic NAT in Cisco Packet Tracer

Dynamic NAT is used for a large network or when a large number of users want to access external resources. We highly recommend you to read the previous post, “Configuring Static NAT” if you missed that. In this post, we will explain how to configure dynamic NAT. Configuring dynamic NAT is slightly different from the configuring static NAT.

In order to configure dynamic NAT, you need to apply an ACL to specify which users or networks are allowed to access external resources and need to be translated. After that, you need to create a range of IP addresses (called pool) from which the NAT router will allocate the IP addresses to the internal users on the “first come first serve” basis.

Also read: Step by Step Guide to Configure Access Control List

We will use the following Cisco Packet Tracer topology. We assume that you have already configured appropriate IP addresses on each device.Configure Dynamic NAT in Cisco Packet Tracer

Steps to Configure Dynamic NAT

To configure dynamic NAT, you need to perform the following steps:

  1. On Router1, execute the following commands to specify the inside and outside interfaces.
    Router1(config)#int fa0/0
    Router1(config-if)#ip nat inside
    Router1(config-if)#exit
    Router1(config)#int fa0/1
    Router1(config-if)#ip nat outside
    Router1(config-if)#exit
  2. Now, execute the following command to create a pool and specify the ranges that the NAT router will use to allocate IP addresses.
    Router1(config)#ip nat pool mypool 150.150.1.1 150.150.1.10 netmask 255.255.0.0
  3. Next, execute the following command to apply the created pool.
    Router1(config)#ip nat inside source list 10 pool mypool
  4. Next, execute the following commands to apply an ACL to allow the networks.
    Router1(config)#access-list 10 permit 10.0.0.0 0.255.255.255
  5. Next, execute the following command to specify the interface and the ACL direction.
    Router1(config)#int fa0/0
    Router1(config-if)#ip access-group 50 out
    Router1(config-if)#exit
    Router1(config)#exit
  6. The following figure shows the Dynamic NAT configuration on Router1.

Verify Dynamic NAT configuration

  1. To verify dynamic NAT configuration, open command prompts on PC0 and PC1 and type the following command on both PCs:
    Ping 192.168.1.2
  2. Now, execute the following command to show the translated IP addresses.
    Router1#show ip nat translations

Verify that the private IP address is translated into a global IP address from the configured pool.

In this post, we have explained how to configure Dynamic NAT on Cisco routers using Cisco Packet Tracer. Do share the article and subscribe us for more upcoming posts.

Posted in CCNA, Cisco, Security Tagged with: , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

*