Frustrated because you cannot understand NAT?  Was just reading a  blog post on NAT and was reminded how much difficultly I had withNetwork Address Translation (NAT) when I was just starting out on my career as a Cisco networks engineer.  First off, the official  Cisco notes  How NAT works.  Feeling confused after reading it?  For most part the official Cisco notes well as the  CCNA books I recommended in the  previous posts are excellent resources.  However, one of the most confusing topics for the beginning CCNA networks engineer are the 4 crucial NAT terms inside local, inside global, outside local and outside global.  One of the items you must definitely master for your  CCNA preparation is definitely NAT, as NAT is one of the features that is extremely well used when you are a  CCNA networks engineer.
To have a public IP-Address costs money. To have a whole public subnet, costs more money.
So companies with little money and some clever administrators can use a technique, which helps them use less public IP-Addresses also make it possible for lots of clients to connect to the Internet.
This technique is called  NAT or Network Address Translation.
As the name says, a Network Address (IP-Address) is been translated to another address.
Mostly, a private IP-Address (172.16.X.X or 196.168.X.X) is translated in a public IP which the company
gets from an ISP and pays for the public IP or IPs.
There are some terms which must be understood before going deeper in that material.
So here are some important concepts related to NAT
Inside local address
A private IP Address, not useable on the Internet.
Inside global address
A public IP address in the inside network.
Outside local address
A IP on the outside of the network, as it’s seen by an inside host.
Not necessarily public address.
Outside global address
A IP address in the outside network, which is a public address.
There are three forms of NAT
Static NAT
ONE private IP is translated to ONE public IP.
A Â private IP is mapped to the same public IP, always.
Dynamic NAT
A private IP is mapped to a public IP, which is from a pool of public IPs.
It must not always be the same private IP, which gets mapped to a specific public IP.
This is selected dynamically.
Overloading
Many private IPs are mapped to one public IP.
This is also known as PAT (Port Address Translation).
It’s a Form of dynamic NAT.
A private IP establishes a connection, for example is source port 2353.
The packets come to the router. The router translates the IP to a public IP.
The router writes the Information about source IP and source Port into
its NAT Table. When the answer Packets arrive from Internet the router again
checks its NAT Table and translates the packets back to the private IP from where
the requesting packets did origin, depending on the port entry in NAT Table.
Configuration commands
Static NAT
router(config)#ip nat inside source static  local-ip global-ip
router(config)#interface fa0/4
router(config-if)#ip nat inside <<<interface inside network
router(config)#interface fa0/4
router(config-if)#exit
router(config)#interface s0
router(config-if)#ip nat outside >>>interface outside network
Dynamic NAT
router(config)#ip nat pool  name start-ip end-ip {netmask  netmask | prefix-length  prefix-length}
router(config)#access-list  acl-number permit  source-IP [source-wildcard]
router(config)#ip nat inside source list  acl-number pool  name
router(config)#interface fa0/4
router(config-if)#ip nat inside
router(config-if)#exit
router(config)#interface s0
router(config-if)#ip nat outside
Overloading
router(config)#access-list  acl-number permit  source-IP source-wildcard
router(config)#ip nat inside source list  acl-number interface  interface overload
router(config)#interface fa0/4
router(config-if)#ip nat inside
router(config-if)#exit
router(config)#interface s0
router(config-if)#ip nat outside