--> IP NAT INSIDE command basically applied on the LAN interface.( which is connected to our company network)
---> IP NAT OUTSIDE command is applied on the WAN interface. ( Which is connected to Internet)
---> IP NAT INSIDE SOURCE STATIC 10.0.0.1 200.0.0.10 command does two things
i) whenever the packet is received on the inside interface it will translate the source address of 10.0.0.1 into 200.0.0.10 ( IN--- OUT)
ii) Whenever the packet is received on the outside interface it will translate the destination address of 200.0.0.10 into 10.0.0.1 ( OUT---IN)
Note: This is used for translating the source IP address whenever the traffic is going from inside to outside,
--> Most commonly used.
---> IP NAT OUTSIDE SOURCE STATIC 200.1.0.1 200.0.0.10 command does two things
i) whenever the packet is received on the outside interface it will translate the source address of 200.1.0.1 into 200.0.0.10 ( Out-- IN)
ii) Whenever the packet is received on the Inside interface it will translate the destination address of 200.0.0.10 into 200.1.0.1 ( IN--- OUT)
Note:This is used for translating the source IP address whenever the traffic is going from outside to inside,
--> Basically used when we have overlapping subnets and want to connect via VPN or any other method.
--> When Packet hits IP Nat INSIDE interface the first thing the router will perform route lookup to find out the outgoing interface and checks whether translation rule is or not then only it will perform NAT Translation.
--> When Packet hits IP Nat Outside interface the first thing the router will check NAT Table for Translation then it will do route lookup.
---> IP NAT OUTSIDE command is applied on the WAN interface. ( Which is connected to Internet)
---> IP NAT INSIDE SOURCE STATIC 10.0.0.1 200.0.0.10 command does two things
i) whenever the packet is received on the inside interface it will translate the source address of 10.0.0.1 into 200.0.0.10 ( IN--- OUT)
ii) Whenever the packet is received on the outside interface it will translate the destination address of 200.0.0.10 into 10.0.0.1 ( OUT---IN)
Note: This is used for translating the source IP address whenever the traffic is going from inside to outside,
--> Most commonly used.
---> IP NAT OUTSIDE SOURCE STATIC 200.1.0.1 200.0.0.10 command does two things
i) whenever the packet is received on the outside interface it will translate the source address of 200.1.0.1 into 200.0.0.10 ( Out-- IN)
ii) Whenever the packet is received on the Inside interface it will translate the destination address of 200.0.0.10 into 200.1.0.1 ( IN--- OUT)
Note:This is used for translating the source IP address whenever the traffic is going from outside to inside,
--> Basically used when we have overlapping subnets and want to connect via VPN or any other method.
--> When Packet hits IP Nat INSIDE interface the first thing the router will perform route lookup to find out the outgoing interface and checks whether translation rule is or not then only it will perform NAT Translation.
--> When Packet hits IP Nat Outside interface the first thing the router will check NAT Table for Translation then it will do route lookup.
0 comments:
Post a Comment