IPv6 NAT Static Configuration Example

This example steps you through an IPv6 fullcone NAT static configuration. See IPv6 NAT Static Configuration Example for a presentation of the IPv6 NAT static configuration packet flow.

Our static NAT configuration example configures Client1 with NAT translation on the internal private network VLAN 10 interface. Client1 communicates with Server1 over the external public network VLAN 100 interface. NAT is enabled on VLAN 10 as an inside interface. NAT is enabled on VLAN 100 as an outside interface. These are the only VLANs over which translation occurs for this configuration example. The static configuration is for fullcone NAT.

To configure Client1 on the NAT router, we enable static NAT translation of the inside source address specifying local IP address 1000::/48 and global IP address 4000:1::/48. Server1 will only access Client1 with its external IP address using a binding created by this static configuration. In this case: external IP address 4000:1::11. The fullcone option is specified and the extended IPv6 access list cone_acl is applied to it. The access list permits TCP packets from any port on source 1000::/48 to destination 4000:1:2::/48.

Once Client1 communicates with Server1, Server1 will be able to inform any other server of its 4000:1::11 external address. Any server that learned Client1‘s external address from Server1 can then initiate communications with Client1. IPv6 NAT Static Configuration Example only displays the packet flow between Client1 and Server1. See Fullcone NAT for a graphic depiction of the fullcone NAT feature.

Click to expand in new window
IPv6 NAT Static Configuration Example
Graphics/NATIPv6BasicStatic1.png