Static Nat; Static Pat - Cisco Catalyst 6500 Series Configuration Manual
Catalyst 6500 series switch and
cisco 7600 series router firewall services
Hide thumbs
Also See for Catalyst 6500 Series:
- Software configuration manual (570 pages) ,
- Configuration note (212 pages) ,
- Installation manual (194 pages)
Table of Contents
Advertisement
Chapter 9
Configuring Network Address Translation
For the duration of the translation, a global host can initiate a connection to the local host if an ACL
Note
allows it. Because the port address (both local and global) is unpredictable, a connection to the host is
unlikely. However in this case, you can rely on the security of the ACL.
Static NAT
Static NAT translates each local address to a fixed global address. With dynamic NAT and PAT, each host
uses a different address or port after the translation times out. Because the global address is the same for
each consecutive connection with static NAT, and a persistent translation rule exists, static NAT allows
hosts on the global network to initiate traffic to a local host (if there is an ACL that allows it).
The main difference between dynamic NAT and a range of addresses for static NAT is that static NAT
allows a global host to initiate a connection to a local host (if there is an ACL that allows it), while
dynamic NAT does not. You also need an equal number of global addresses as local addresses with
static NAT.
Static PAT
Static PAT is the same as static NAT, except it lets you specify the protocol (TCP or UDP) and port for
the local and global addresses.
This feature lets you identify the same global address across many different static statements, so long as
the port is different for each statement (you cannot use the same global address for multiple static NAT
statements).
OL-6392-01
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
NAT Overview
9-5
Advertisement
Table of Contents
Troubleshooting
