Network Address Translation (NAT) Quick Start Guide

By default, your newly configured NAT server will provide a network translation function only – it will neither provide internal users with an IP address, nor act as a DNS proxy. However, both options are configurable.

At this point, assuming that your external adapter has a public IP address, your NAT server is really to go. The configuration of your client systems is the last major step. In this example, I’m going to assume that your internal network uses the address range with a subnet mask of – these addresses may be provided by other server running DHCP, or manually. Remember, however, that any valid address range can be used with NAT, meaning both public and private addresses (though private would be by far the most common).

The internal or private address on the NAT server should be set to a value like in this example. That address will need to be configured at the default gateway on your client systems, either manually or via changing the properties of your DHCP scope. Assuming that your network is running DNS for the purpose of Active Directory, you should configure your clients such that they point at your local DNS server. This will ensure that they still properly interact with Active Directory. To speed up the name resolution process, consider adding your ISP’s DNS server as a forwarder address in your local DNS server’s configuration.

Given this configuration, not only will internal clients be configured to properly interact with Active Directory, but they should also have no issue connecting to Internet resources.

Author: Dan DiNicolo

Dan DiNicolo is a freelance author, consultant, trainer, and the managing editor of He is the author of the CCNA Study Guide found on this site, as well as many books including the PC Magazine titles Windows XP Security Solutions and Windows Vista Security Solutions. Click here to contact Dan.