We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is Why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 622 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)


444 New Members signed up the last 30 days!


100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags: , ,

Forum Replies

  1. Hi Karthik,
    These terms can be quite confusing–I am still baffled why Cisco continues to use them! This is what has helped me …

    As you know, there are four possible varieties:

    1. Inside Local
    2. Inside Global
    3. Outside Local
    4. Outside Global

    Notice the left word is always either “Inside” or “Outside.” Think of this as the origin of the packet with respect to a NAT. Did the packet originate inside or outside the NAT?

    The word on the right is always either “Local” or “Global.” Think of this as where you have captured the packet you are looking at with respect to the

    ... Continue reading in our forum

  2. Hi Rene,

    Can you create an example of private IP addresses being translated to the public IP address that is not used as a physical interface? Is that possible? For example the ISP gave you a chunk of and the physical interface will use for the ISP and for our NAT router. Can the LAN subnets be translated to - 6?


  3. Given the topology you used in this lesson you used an access list to tag the inside traffic:

    NAT(config)#access-list 1 permit
    NAT(config)#ip nat inside source list 1 interface fastEthernet 1/0 overload

    I understand that. But what would you do if there were more networks behind the Host 1 and Host 2 routers? Lets say you had the network and the network etc etc. Would you have to create an access-list for each internal network segment?

  4. Hi Jason,

    That’s right. You’ll need to create a match statement for each source network that should be translated (or create one statement that matches multiple networks).

    Your NAT router looks for the source IP address in the packets that it receives, if it matches an access-list entry, it will translate it.


12 more replies! Ask a question or join the discussion by visiting our Community Forum