NAT : Inside and Outside source

I think source here refers to the source address (SA) of an IP packet.

It's for packets that originate from the outside. It

  • translates the source of the IP packets that are traveling outside to inside

  • translates the destination of the IP packets that are traveling inside to outside

And for ip nat inside source list, it's for packets that originated from the inside. It

  • translates the source of IP packets that are traveling inside to outside

  • translates the destination of the IP packets that are traveling outside to inside

It's important to note that they both do basically the same thing but the order of operations (like routing) is different depending on if you are natting from inside-to-outside vs outside-to-inside. Here is a good link on this issue:

formatting link
Doan

Reply to
Doan
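The four rewrite cases listed in the post above, modelled as an added Python sketch (not code from the thread or from Cisco). The addresses and the two static mappings are constructed samples; routing and the NAT order of operations are not modelled.

```python
# Toy model of static NAT address rewriting. Added illustration, not IOS code.
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str

# Constructed sample mappings (private and documentation address ranges).
# Models: ip nat inside source static 10.1.1.10 203.0.113.10
INSIDE_SOURCE = {"10.1.1.10": "203.0.113.10"}      # inside local -> inside global
# Models: ip nat outside source static 198.51.100.5 192.168.50.5
OUTSIDE_SOURCE = {"198.51.100.5": "192.168.50.5"}  # outside global -> outside local

def _invert(mapping):
    """Reverse a one-to-one static mapping for the return direction."""
    return {v: k for k, v in mapping.items()}

def inside_to_outside(pkt):
    """Packet arriving on an 'ip nat inside' interface, leaving via 'outside'."""
    # 'inside source' rule: rewrite the SOURCE (inside local -> inside global).
    src = INSIDE_SOURCE.get(pkt.src, pkt.src)
    # 'outside source' rule: rewrite the DESTINATION (outside local -> outside global).
    dst = _invert(OUTSIDE_SOURCE).get(pkt.dst, pkt.dst)
    return replace(pkt, src=src, dst=dst)

def outside_to_inside(pkt):
    """Packet arriving on an 'ip nat outside' interface, leaving via 'inside'."""
    # 'outside source' rule: rewrite the SOURCE (outside global -> outside local).
    src = OUTSIDE_SOURCE.get(pkt.src, pkt.src)
    # 'inside source' rule: rewrite the DESTINATION (inside global -> inside local).
    dst = _invert(INSIDE_SOURCE).get(pkt.dst, pkt.dst)
    return replace(pkt, src=src, dst=dst)

if __name__ == "__main__":
    # The inside host addresses the outside host by its outside local address.
    request = Packet(src="10.1.1.10", dst="192.168.50.5")
    on_wire = inside_to_outside(request)
    print("inside view :", request)
    print("outside view:", on_wire)
    # The reply as seen on the outside network, then after translation.
    reply = Packet(src=on_wire.dst, dst=on_wire.src)
    print("reply outside:", reply)
    print("reply inside :", outside_to_inside(reply))
```
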

Inside & outside are just labels; it doesn't matter which way around you put them. Hope that's enough to help.

Reply to
Phil Watkins

You know the "ip nat inside source list acl_id pool pool_name" command. It says at least that the range of inside (private or local) addresses defined by the ACL list will be translated into outside (public or global) addresses defined by the NAT pool. But what does "inside source" say that is special? After all, the command could be shortened into "ip nat list acl_id pool pool_name" to establish the association between inside (local) and outside (global) addresses.

However, "inside source" must have a special meaning because besides the "ip nat inside source" there is an "ip nat outside source" command. So what do both inside and outside source mean? Does the word "source" refer to the source of a transport (TCP) session?

As a secondary question, what is the purpose of the "ip nat outside source" command?

Thanks for any clarification on this subject.

Bernard.

Reply to
Bernard Herickx

Thanks Doan.

Bernard.

Reply to
Bernard Herickx

Finally reading

formatting link
to understand that

the "ip nat inside source" purpose is to make an inside address appear as a genuine outside address when the packet travels and is seen on the outside network.

the "ip nat outside source" purpose is to make an outside address appear as a genuine inside address when the packet travels and is seen on the inside network

Does it make sense?

Reply to
Bernard Herickx

Yes, that is correct. "ip nat inside source" will translate the SOURCE address as it travels inside (clean side) to outside (dirty side). And it translates the destination address as it travels outside to dirty side.

See

formatting link
for a very clear example of what's going on.

Reply to
Hansang Bae
