Port Address Translation (PAT)
PAT allows many devices to go out to the internet using only 1 Public IP address.
1.How it works
Section titled “1.How it works”When your devices all try to browse the internet from your house, they all hit your home router. Your ISP only gave your house one public IP address.
To make it work, the router alters the outbound packet:
It changes the Private Source IP to your one Public IP.
It changes the Source Port to a random, high number (e.g., 50001).
When the web server replies, it sends the packet back to your Public IP on port 50001. Your router looks at its NAT Translation Table, sees that port 50001 belongs specifically to your Mac, changes the destination IP back to your Mac’s private IP, and forwards it inside.
This allows up to 65,000 internal devices to share a single public IP address simultaneously!
2.Configuration
Section titled “2.Configuration”Step 1: Create the ACL to define who is allowed out.
Section titled “Step 1: Create the ACL to define who is allowed out.”Router(config)# access-list 1 permit 192.168.1.0 0.0.0.255Step 2: Link the ACL to the Outside Interface.
Section titled “Step 2: Link the ACL to the Outside Interface.”Router(config)# ip nat inside source list 1 interface GigabitEthernet0/1 overloadStep 3: Define the interfaces
Section titled “Step 3: Define the interfaces”Router(config)# interface GigabitEthernet0/0Router(config-if)# ip nat insideRouter(config)# interface GigabitEthernet0/1Router(config-if)# ip nat outside