2

I have two private IP addresses, want to make them NAT to 203.0.113.0/2 public IP address.

WAY 1 : Static NAT (2 ip addresses NATted to one by manually)

WAY 2 : PAT (Router gives port number for each device randomly)

Question is that : Why doesn't router apply the same things on Static NATting?

Improve this question
9
  • 1
    "want to make them NAT to 10.10.10.1 public IP address." Actually 10.10.10.1 is not a public IP address, it is in the 10.0.0.0/8 Private IPv4 address block.
    – Ron Maupin
    Commented Jun 5, 2020 at 21:55
  • Hello mr Ron Maupin. I ' ve just put example to understand the main background of the procedure.
    – CoderBoy
    Commented Jun 5, 2020 at 21:56
  • Then you should use an address from one of the three address blocks IANA has set aside for that: 192.0.2.0/24, 198.51.100.0/24, and 203.0.113.0/24. That way people know you are giving an example, not that you are completely confused about public/private addressing.
    – Ron Maupin
    Commented Jun 5, 2020 at 22:00
  • I want to understand that why router doesnt give different port number on static routing if it must be applied.
    – CoderBoy
    Commented Jun 5, 2020 at 22:00
  • 1
    Basic NAT only translates the network addresses, while NAPT (what Cisco calls PAT) also translates the transport protocols address (port) for TCP and UDP, and the Query ID for ICMP. RFC 2663, IP Network Address Translator (NAT) Terminology and Considerations and RFC 3022, Traditional IP Network Address Translator (Traditional NAT) go into more detail, but it would help if we had a specific router model because different routers do it differently.
    – Ron Maupin
    Commented Jun 5, 2020 at 22:14

2 Answers 2

Reset to default
0

The router (or ASA) giving different ports for a Dynamic PAT is what allow multiple hosts to share a single public IP address at the same time.

This answer will explain why a Dynamic PAT must change the Port number.

Either way, the ASA will allow you to configure two Static NAT's, but keep in mind the translation will only apply in the outbound direction. On the inbound direction, only one Static NAT will apply.

Meaning if you have two Internal hosts: 10.0.0.11 and 10.0.0.22, and you configure two Static NATs:

object network HOST1
  host 10.0.0.11
  nat (inside,outside) static 72.9.9.33

object network HOST2
  host 10.0.0.22
  nat (inside,outside) static 72.9.9.33

When either host makes a outbound request, their traffic will be translated to 72.9.9.33. BUT, if anyone external initiates a request to 72.9.9.33, it will only be translated to Host1's IP address.

So it isn't a true Static NAT. It's a true Static NAT for the first host (inbound and outbound), and a psuedo Static NAT for the second host (outbound only).

If you only need specific ports to access the internal servers, you're better off configuring a Static PAT.

Improve this answer
0

PAT is used to translate multiple private IP addresses to a single public IP address. PAT is used for internet connectivity mostly..

Static NAT is used to translate a single private IP address with a single public IP address. When application is hosted in the internal network wants to access application from internet static NATting is used. It's one to one NATting ...

PAT is many to one natting pat is also called NAT overload..

Improve this answer
1
  • Port adress translation is for outbound traffic Static nat is for inbound traffic..
    – Sagar Uragonda
    Commented Jul 5, 2020 at 18:27

Not the answer you're looking for? Browse other questions tagged or ask your own question.