Defining Static Address Translations

Static address translation establishes a one-to-one mapping between a local and global address or local and global address/port pair. When specifying a static address translation or address/port pair translation, you issue commands to indicate how the translation is applied, along with more specific variables that further define the type of translation.

CAUTION: You must mark interfaces that participate in NAT translation as on the inside or the outside network. See Specifying Inside and Outside Interfaces for details.

Creating Static Inside Source Translations

You use the ip nat inside source static command to create static translations from a local IP address to a global IP address, and to "untranslate" the destination address when a packet returns from the outside network to the inside network. When configuring traditional NAT (both basic NAT and NAPT), you need only use this command alone. However, when configuring twice NAT, you must also use the ip nat outside source static command.

The ip nat inside source static command creates a simple (IP address only) or extended (IP address, port, and protocol) entry in the translation table that maps the two addresses.

ip nat inside source static

• Use to create static translations for a source address (or address/port pair) when routing a packet from the inside network to the outside network, and to "untranslate" the destination address (or address/port pair) when a packet returns from the outside network to the inside network.
• Example 1—Simple address translation

host (config) # ip nat inside source static 10.1.2.3 171.69.68.10

• Example 2—Extended address/port translation

host (config) # ip nat inside source static tcp 10.1.2.3 15 171.69.68.10 30

• Use the no version to remove the static translation and purge the associated translations from the translation table.
  

  NOTE: Creating a static translation with the ip nat inside source static command allows any outside host to contact the inside host by using the inside global address of the inside host. A static translation can be used by traffic that is initiated in either direction.

  
  

Creating Static Outside Source Translations

Less commonly used, outside source translation allows you to set up translation between two nonunique or not publicly routable networks (for example, two separate networks that use overlapping IP address blocks).

This command creates a simple (IP address only) or extended (IP address, protocol, and port) entry in the translation table that maps the two addresses.

ip nat outside source static

• Use to translate the source address when routing a packet from the outside network to the inside network, and to "untranslate" the destination address when a packet travels from the inside network to the outside network.
• Example 1—Simple address translation

host (config) # ip nat outside source static 171.69.68.10 10.1.2.3

• Example 2—Extended address/port translation

host (config) # ip nat outside source static tcp 171.69.68.10 56 10.1.2.3 24

• Use the no version to remove the static translation and purge the associated translations from the translation table.
  

  NOTE: Creating a static translation with the ip nat outside source static command allows any inside host to contact the outside host by using the outside local address of the outside host. A static translation can be used by traffic that is initiated in either direction.