The following configuration elements are required for enabling port address translation:
- access-list – to define the real IP addresses that require NAT
- ip nat inside – Enable the internal-facing interface for NAT
- ip nat outside – Enable the external-facing interface for NAT
- ip nat inside source list <access-list #> interface <interface> overload – enables PAT using the IP of the specified interface.
Connection tracking is the function of the router that tracks the ephemeral port mapping of the source request in relation to a particular connection to ensure the traffic is always forwarded back to the internal-facing host correctly; if two clients use the same source port, an arbitrary port is assigned by the router to help track the connection.
Here is an example of PAT:
Stuck-in-Active: Journal of an IT-Network Administrator 