network cisco ccna gns3 certification arteq

a network runs through it

Friday, January 20, 2012

totally globular gnat...

let's see, the rfc 1918 address is the inside local, or private address preparing to metamorphose for use in the outside world... it's a silence of the lambs thing...

the public address it gets translated to is the inside global, or how private 10.0.0.1 becomes public 200.0.0.1, hence routable, preparing for entry into the wild... perfect, i'm down with this...

it's beyond the firewall that things get very scary...

once the firewall spits it out, releases it, it is now known as the outside global, it didn't even have to go to city hall for an official name change... it's magic...

and its ultimate destination is referred to as the outside local... the key is inside versus outside and local versus global... inside local: private; inside global: translated; outside global: what was translated and en route (same as inside global); outside local: destination... we can all relax now...

the mechanics of this:
what is my inside interface (that which is facing the private network)?
what is my outside interface (that which is facing the internet)?
these are the sources...

r2620_02(config)#int fa 0/0
r2620_02(config-if)#ip nat inside
r2620_02(config-if)#int s0/0
r2620_02(config-if)#ip nat outside

(fa 0/0 is the private interface, s0/0 is the translation interface)

define the usable range of private addresses as a standard acl to keep it simple...

r2620_02(config-if)#exit
r2620_02(config)#access-list 1 permit 10.0.0.0 0.0.0.255

define the range of public usable addresses as a pool (or make it static)

r2620_02(config)#ip nat pool inet 200.0.0.2 200.0.0.9 netmask 255.255.255.224

reference list 1 (inside range) to the pool and overload it...


r2620_02(config)#ip nat inside source list 1 pool inet overload
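
What the overload line does with list 1 and the pool, as an added example that is not part of the original post: a toy Python model of the translation table, using the ACL and pool values from the config above. The names `Pat`, `acl_permits`, `outbound` and `inbound`, the sample hosts, and the port-selection policy (keep the source port if free, otherwise take the next free one) are assumptions for illustration, not IOS internals.

```python
import ipaddress

# values from the config on this page
ACL_NET, ACL_WILDCARD = "10.0.0.0", "0.0.0.255"    # access-list 1
POOL_FIRST, POOL_LAST = "200.0.0.2", "200.0.0.9"   # ip nat pool inet

def _n(ip):
    return int(ipaddress.IPv4Address(ip))

def acl_permits(src_ip):
    """Standard ACL match: wildcard bits set to 1 are 'don't care'."""
    care = ~_n(ACL_WILDCARD) & 0xFFFFFFFF
    return (_n(src_ip) & care) == (_n(ACL_NET) & care)

class Pat:
    """Toy model of 'ip nat inside source list 1 pool inet overload'."""

    def __init__(self):
        self.pool = [str(ipaddress.IPv4Address(a))
                     for a in range(_n(POOL_FIRST), _n(POOL_LAST) + 1)]
        self.out = {}    # (inside local ip, port) -> (inside global ip, port)
        self.back = {}   # (inside global ip, port) -> (inside local ip, port)

    def outbound(self, src_ip, src_port):
        """Translate an inside source; None means 'not translated'."""
        if not acl_permits(src_ip):
            return None                      # source not matched by list 1
        key = (src_ip, src_port)
        if key in self.out:
            return self.out[key]             # existing translation entry
        for g in self.pool:
            port = src_port                  # assumption: keep the port if free
            while (g, port) in self.back and port < 65535:
                port += 1
            if (g, port) not in self.back:
                self.out[key] = (g, port)
                self.back[(g, port)] = key
                return (g, port)
        return None                          # pool and ports exhausted

    def inbound(self, dst_ip, dst_port):
        """Reverse lookup for return traffic; None if no entry exists."""
        return self.back.get((dst_ip, dst_port))

if __name__ == "__main__":
    nat = Pat()
    for host in ("10.0.0.5", "10.0.0.6", "10.0.1.5"):   # constructed hosts
        print(host, 40000, "->", nat.outbound(host, 40000))
    print("unsolicited:", nat.inbound("200.0.0.2", 12345))
```

A source outside 10.0.0.0/24 is never translated, and inbound traffic to a pool address with no matching entry has nothing to map back to.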






