Using NAT address pool in eNSP to achieve intranet outbound conversion

In an enterprise, public network address resources are limited, while the number of internal hosts is huge. We can use NAT address pools to dynamically map multiple internal hosts to a set of public addresses, thereby achieving a flexible and reliable network solution. Today, I will show you how to set up NAT address pool conversion on eNSP.

1. What is NAT address pool?
Compared to Easy IP, which only uses one public IP, the NAT address pool method can flexibly define multiple public IP addresses for NAT use.

In layman's terms, I don't want to use the address on the interface as a public IP. I have a dedicated public address segment for you internal hosts to use slowly.

This is also a common practice for enterprise NAT.

2. Experimental topology diagram
We build the following topology:

PC1, PC2: internal hosts
R1: border router with NAT address pool
Cloud1: connected to the external network
External server: VM network (such as 192.168.248.128)


3. Specific configuration steps
1. Set the R1 interface address

At this time, PC1 and PC2 cannot ping 192.168.248.128

2. Create a NAT address pool
Suppose we have a public IP resource: 192.168.248.130 - 192.168.248.140

This address segment is a "simulated public network address segment". Although it is actually a private network, it can be used as a NAT public network resource in the VMware LAN



3. Create an ACL to match intranet traffic

4. Set up NAT rules (using address pool)

This completes the NAT settings of the address pool method!

Try to ping the external 192.168.248.128, and find that the ping is successful. By capturing the packet, you can see that the source address is 192.168.248.140 and the destination address is 192.168.248.128.


4. Summary of the difference between address pool and Easy IP