NAT Lab

Packet Tracer - Configure PAT

Company: NETWORK TECHNICIAN (STUDENT)

Overview

In this project, I configured and verified Port Address Translation (PAT) using two different methods across two routers — R1 and R2. The goal was to simulate real-world scenarios where multiple internal devices access external networks using a limited number of public IP addresses.

Key Configurations

On R1 (Using NAT Pool with Overload)

  • Created an access list to permit internal traffic from the 172.16.0.0/16 network.

  • Defined a NAT pool:
    ip nat pool ANY_POOL_NAME 209.165.200.233 209.165.200.234 netmask 255.255.255.252

  • Linked the ACL to the pool and enabled PAT with:
    ip nat inside source list 1 pool ANY_POOL_NAME overload

  • Configured NAT interfaces:

    • ip nat inside on G0/0/0 and G0/0/1

    • ip nat outside on S0/1/0

On R2 (Using Interface PAT)

  • ACL for 172.17.0.0/16 traffic.

  • PAT command using interface:
    ip nat inside source list 2 interface s0/1/1 overload

  • NAT interface roles set accordingly.

Verification

Tested Connections:

  • All devices (PC1–PC4, L1–L4) successfully accessed Server1 via web browser, confirming PAT functionality.

  • Verified NAT translations using:
    show ip nat translations

Findings:

  • R1 reused the same IP from the pool by dynamically assigning ports — showcasing how PAT conserves public IPs.

  • R2 didn’t show dynamic mappings in the same format, since it was using interface-based PAT, but the function was confirmed through successful external access.

What I Learned

  • The difference between NAT pool overload vs. interface-based PAT.

  • How port numbers are dynamically assigned to multiple internal hosts.

  • How to troubleshoot PAT using show commands and NAT statistics.

  • The limitations of port ranges and what happens when the pool is exhausted.