Dynamic NAT / PAT / HIDE NAT / NAT Overload
Dynamic PAT (Port Address Translation), HIDE NAT and NAT Overload all refer to the same meaning – which is to dynamically NAT your internal network address segment to one IP address. This is usually done when you want to translate your unroutable private network address to a publically routable address on your outside Internet address.
Here’s how on ASDM 6.3+
- Under Configuration > Network Objects/Groups > Add a new network object
- Give the internal network a name and enter the internal subnet you want to perform NAT/PAT
- Check Add Automatic Address Translation Rules
- Select Dynamic PAT (Hide)
- Select your outside interface in the section labeled “Translated Address”
- Make sure you click the “Translated Addr –>” to populate the field with OUTSIDE
- Next Click Advanced…to go into Advanced NAT Settings
- Select “INSIDE” as your source interface and “OUTSIDE” as your destination interface. This sets the NAT direction to be from your inside network to the outside (Internet)
Once complete setup click apply and save to complete your configuration.
Here’s how on CLI 8.3+
Often on CLI you will find it maybe much easier to configure. Below are the 3 lines that you will need to configure a your dynamic NAT.
object network INSIDE_DYN_PAT subnet 10.100.0.0 255.255.0.0 nat (INSIDE,OUTSIDE) dynamic interface
Here are some commands to verify your NAT
show nat
show xlate