The ‘ip nat inside source list [number] interface [interface name] overload’ command is used in Cisco routers to configure a source NAT (Network Address Translation) rule for outbound traffic from a specific interface to the Internet. This command allows you to translate the source IP addresses of packets leaving the internal network to a different IP address, typically a public IP address, before sending them to the Internet. Here’s how the command works:
- ip nat inside: This keyword enables NAT for outbound traffic on the inside interface (the interface that is connected to the internal network or subnetwork).
- source list [number]: Specifies the access control list (ACL) number that defines the source IP addresses to be translated. You can create an ACL using the ‘access-list’ command.
- interface [interface name]: Specifies the interface on which the NAT rule is to be applied. This is the interface that is connected to the internal network.
- overload: This keyword specifies that the router should use the same public IP address for all translated packets, even if they come from different hosts on the internal network. This is also known as “PAT” (Port Address Translation) or “NAPT” (Network Address and Port Translation).
By using this command, you can configure the router to translate the source IP addresses of packets from the internal network to a public IP address before sending them to the Internet. This allows you to use a single public IP address for multiple hosts on the internal network, conserving public IP addresses and improving security by hiding the internal IP addresses from the Internet.
This command can be used on Cisco routers that support NAT, including the Cisco 1800, 2800, 3800, and 7200 series routers, as well as the Cisco Integrated Services Routers (ISRs) and ASR series routers.
To configure a source NAT rule using the ‘ip nat inside source list [number] interface [interface name] overload’ command, follow these steps:
- Create an ACL that defines the source IP address range to be translated.
- Apply the ACL to the inside interface using the ‘ip nat inside source list [number]’ command.
- Specify the interface where the NAT rule should be applied using the ‘interface [interface name]’ command.
- Use the ‘overload’ keyword to enable PAT.
- Verify the NAT configuration using the ‘show ip nat translation’ command.
By configuring NAT in this way, you can enable outbound Internet access for multiple hosts on the internal network using a single public IP address.
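The verification step above can be scripted. The following is an added Python example, not part of the original page: it parses ‘show ip nat translations’ output together with the ACL line and reports which public addresses are in use and which translated inside hosts fall outside the ACL range. The ACL line, all addresses and the table rows are constructed sample data, and the function names are hypothetical.

```python
import ipaddress

# Constructed inputs for illustration (not captured from a real router).
# The last PAT row is deliberately outside the ACL range.
ACL_LINE = "access-list 1 permit 192.168.1.0 0.0.0.255"
SAMPLE = """\
Pro Inside global      Inside local       Outside local      Outside global
tcp 203.0.113.5:1024   192.168.1.10:51000 198.51.100.7:443   198.51.100.7:443
tcp 203.0.113.5:1025   192.168.1.11:51000 198.51.100.7:443   198.51.100.7:443
udp 203.0.113.5:1026   192.168.1.12:53124 198.51.100.53:53   198.51.100.53:53
tcp 203.0.113.5:1027   10.9.9.9:40000     198.51.100.7:80    198.51.100.7:80
--- 203.0.113.9        192.168.1.50       ---                ---
"""

def acl_network(acl_line):
    """Turn a standard 'permit <addr> <wildcard>' ACL line into a network.
    Assumes a contiguous, non-zero wildcard mask such as 0.0.0.255."""
    parts = acl_line.split()
    if len(parts) != 5 or parts[2] != "permit":
        raise ValueError("unsupported ACL line: " + acl_line)
    return ipaddress.ip_network(parts[3] + "/" + parts[4])

def parse_translations(text):
    """Return (proto, global_ip, global_port, local_ip, local_port) per PAT entry."""
    entries = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 5 or f[0] not in ("tcp", "udp", "icmp"):
            continue  # header, blank line, or static entry shown as '---'
        try:
            (gip, gport), (lip, lport) = (c.rsplit(":", 1) for c in f[1:3])
            entries.append((f[0], ipaddress.ip_address(gip), int(gport),
                            ipaddress.ip_address(lip), int(lport)))
        except ValueError:
            continue  # malformed column: skip rather than guess
    return entries

def audit(text, acl_line):
    """Summarise what the overload rule is actually translating."""
    allowed = acl_network(acl_line)
    entries = parse_translations(text)
    return {
        "global_ips": sorted({str(e[1]) for e in entries}),
        "inside_hosts": sorted({str(e[3]) for e in entries}),
        "outside_acl": sorted({str(e[3]) for e in entries if e[3] not in allowed}),
    }

if __name__ == "__main__":
    print(audit(SAMPLE, ACL_LINE))
```

With overload in effect, ‘global_ips’ should hold a single address; any entry in ‘outside_acl’ means a host is being translated that the ACL was not meant to cover and the ACL or other NAT rules should be reviewed.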
ip nat inside source list [number] interface [interface name] overload Usage Examples
The syntax for the ‘ip nat inside source list [number] interface [interface name] overload’ command in Cisco is:
ip nat inside source list [number] interface [interface name] overload {disable-external-net}
The following are some examples of the ‘ip nat inside source list [number] interface [interface name] overload’ command:
Example 1: Configure Overload for a specified interface
ip nat inside source list 1 interface fa0/0 overload
Example 2: Configuring Overload and Disable External Translation
ip nat inside source list 2 interface fa0/1 overload disable-external-net