Configure Single Outside NAT on Cisco IOS-XE: A Step-by-Step Guide

Introduction

Welcome back to Network ThinkTank, your go-to source for networking, technology, and cybersecurity insights. In today’s blog post, we’ll walk you through the process of configuring single outside NAT (Network Address Translation) on a Cisco IOS-XE device. This configuration will use GigabitEthernet2 as the outside interface, with an inside address of 172.16.1.2 and an outside address of 200.200.210.199. Let’s dive in and explore the steps required to set up this NAT configuration on your Cisco router.

Step 1: Define Inside and Outside Interfaces

First, we need to define the inside and outside interfaces on the router. In our example, GigabitEthernet1 is the inside interface with an IP address of 172.16.1.1, while GigabitEthernet2 is the outside interface with an IP address of 200.200.210.198.

interface GigabitEthernet1
ip address 172.16.1.1 255.255.255.0
ip nat inside
!
interface GigabitEthernet2
ip address 200.200.210.198 255.255.255.0
ip nat outside

Step 2: Configure an Access List

Next, we’ll create an access list to define the traffic that will be translated. In this example, we’ll permit traffic from the inside host with an IP address of 172.16.1.2.

ip access-list standard NAT_TRAFFIC
permit 172.16.1.2

Step 3: Configure Static NAT

Now it’s time to configure the static NAT translation. We’ll map the inside address 172.16.1.2 to the outside address 200.200.210.199.

ip nat inside source static 172.16.1.2 200.200.210.199

Step 4: Apply the Access List to the NAT Configuration

Lastly, apply the access list to the NAT configuration to ensure that only traffic from the specified inside host is translated.

Conclusion

With this configuration in place, your Cisco IOS-XE router will now perform single outside NAT, translating the inside address 172.16.1.2 to the outside address 200.200.210.199 using the GigabitEthernet2 interface. This setup is useful for scenarios where you need to provide internet access to an internal host while preserving its IP address on the public network.

Stay tuned to Network ThinkTank for more tutorials, guides, and insights into the world of networking, technology, and cybersecurity. Keep learning and enhancing your skills to master the intricacies of network configurations and management. Happy networking!