Static NAT (Network Address Translation) is the first IP address translation method you'll discover.
In your internal network, you use private IP addresses defined by RFC 1918.
These addresses are only valid locally and cannot be routed over the Internet.
Figure 1 – Static NAT lets a private IP communicate with the internet using a fixed public IP
For a private host to communicate with the outside world, it needs a public IP to communicate with devices outside your internal network.
Answer the question below
Static NAT is used when you want to establish a 1-to-1 correspondence between a private IP address and a public IP address.
Let's take an example:
A server in your local network has the address 192.168.1.5.
It wishes to contact the Google DNS server: 8.8.8.8.When the packet reaches the router, it is blocked.
Figure 2 – Without NAT, the private IP 192.168.1.5 is blocked
Why is this? Because the source address is private, and therefore not routable on the Internet.
The router needs to apply address translation (NAT) to enable communication.To solve this, we implement a Static NAT rule:
The private address 192.168.1.5 is associated with a public address 37.5.55.103.
Figure 3 – Static NAT creates a 1-to-1 mapping between a private IP and a public IP
As shown in this diagram, the router configures a static NAT table with :
Inside Local : 192.168.1.5 (the internal private IP address)
Inside Global : 37.5.55.103(the public IP address used on the Internet)
Let's move on and see what happens in practice during a transmission!
Answer the question below
What kind of IP address cannot go directly to the Internet?
Let's assume that Static NAT is already configured.
When the packet is sent from server 192.168.1.5 to DNS server 8.8.8.8, the following happens:
Figure 4 – The router uses a static NAT table to link 192.168.1.5 with 37.5.55.103
The router identifies the source address as 192.168.1.5 (private address).
It applies the configured Static NAT rule.
It replaces this address with the public address 37.5.55.103.
The packet is then transmitted over the Internet.
When the DNS server responds, the router performs the reverse operation:
it replaces the destination address 37.5.55.103 with 192.168.1.5, and the packet correctly returns to the original sender.Answer the question below
Now let's take a step-by-step look at how to configure Static NAT.
Defining Inside and Outside interfaces
First step: you need to tell the router which interfaces correspond to the internal (private) network and which to the external (Internet) network.
40 % Complete: you’re making great progress
Unlock the rest of this lesson
If you’d like to continue your CCNA journey, create your free account now.
Access all free CCNA lessons
Practice with quizzes and level test
Progress tracking in your dashboard
Made by network engineers - CCNP certified
Create your Free Account1151 learners continued their CCNA journey this month