Cisco make their NAT translations really hard to understand. I believe this is because they use terminology that really does not make any sense.
- Inside local address—The IP address assigned to a host on the inside network. This is the address configured as a parameter of the computer OS or received via dynamic address allocation protocols such as DHCP. The address is likely not a legitimate IP address assigned by the Network Information Center (NIC) or service provider.
- Inside global address—A legitimate IP address assigned by the NIC or service provider that represents one or more inside local IP addresses to the outside world.
- Outside local address—The IP address of an outside host as it appears to the inside network. Not necessarily a legitimate address, it is allocated from an address space routable on the inside.
- Outside global address—The IP address assigned to a host on the outside network by the host owner. The address is allocated from a globally routable address or network space.
Now forget about these for a moment and consider the diagram below. All it talks about are “original ip addresses” and “translated ip address”.
Using this terminology you can easily workout what the required NAT statement is. Cisco use the inside/outside local/global terms to include the direction the packet is traversing. For network engineer you only need to add a source and a destination interface and it all works out without any tears.