Dynamic NAT: How to Configure

Dynamic NAT

Dynamic means something related to automatic that doesn’t rely on human intervention.
As defined in the previous blog, NATing allows us to communicate with the rest of the world through public IP addresses. One such translation method is dynamic nat. It is a translation method in which private network PCs communicate over the internet via a pool of public IP addresses.

Here in this article, we will explore the theory of Dynamic NAT and its working mechanism.
Today’s network environment requires security and efficient management. Dynamic NAT helps us to optimize our IP addresses by maintaining robust network security.


Dynamic NAT is a fundamental networking technique that hides our private IP address from the pool of public IP addresses. Unlike static NAT which binds a single private IP address to the single public IP address. But, in dynamic NAt, a pool of public IP addresses.

How Dynamic NAT works


Dynamic NAT works by translating private IP addresses to public addresses from a shared pool of addresses. Here’s a step-by-step process is:
Initiation: A device in a local network requests access to an external network.
Translation Request: The router or NAt device checks for an available public IP address from a pool of public addresses.
Assignment: If an IP address is available, the system assigns it to the device temporarily.
Session Establishment: The local device starts communication with external resources through the use of a public address.
Termination: When the session ends, then the public IP address is returned to the pool.

Lab Topology

We will use almost the same lab topology as we used for 1-to-1 static NAT in the previous blog.

Configure all the IP addresses as given in the diagram. Also, Run an EIGRP protocol on all the routers, but define a default route on R1 towards R2 as given below:

Ping from R1 to R2 and R4:

Also, ping from an internal network towards the external network;

 ping from PC1 to R1 and R2

The local PC can ping the R1 external interface, but it failed to ping the R2 interface. Also, ping the HTTP server from one of the local PC.

 ping http server from PC2

It also failed again to ping the server behind R4. To work with external, we will configure dynamic Nat on R1, but there are a few steps required. For this, we are going to permit some private IP through ACL.

 define IPs to permit inside hosts

Only IP addresses from 192.168.0.2-192.168.0.4 are allowed to go through the internet. The next step is to define a pool of public IP addresses.

 define nat pool

While the next phase is to bind the pool with the Nat;

match pool with access list 10

The last and final phase is to define internal and external interfaces for NAT translation.

define inside outside interfaces

Now ping the R2 interface and HTTP server from the local PC.

ping from PC1 to R2 and Http server

Also, browse the HTTP server from the local PC.

browse http server on pc2

The local PC in the private network has successfully ping and browse HTTP server. This is the dynamic NAT lab which we configure successfully.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *