The following Example is for a Cisco ADSL router with one ATM interface and four fast Ethernet interfaces logically connected to a single VLAN.

To configure NAT you will need to define which interface is on the inside (in our case the VLAN) and the outside interface that is presented to the internet (the ATM interface).

Take the following example configuration:

interface dialer 1
ip address negotiated
ip inspect MYFIREWALL out
ip access-group 123 in
ip nat outside
!
interface vlan 1
ip address 192.168.1.1 255.255.255.0
ip nat inside
!
ip nat inside source list 101 interface dialer 1 overload
!
access-list 101 permit ip 192.168.1.0 0.0.0.255 any

If you have ports that you need to forward using PAT (port address translation) you will need to add these using the IP NAT… command, for example:

ip nat inside source static TCP 192.168.1.254 80 interface dialer 1 80

If you have more than one external IP address on your internet connection you may wish to perform a one to one translation for an internal device. In this case you would use the following command instead:

ip nat inside source static  192.168.1.254 172.16.10.1
(where 172.16.10.1 is your external IP address)

It is very likely that you have an access list that will block traffic coming in to the internet interface so you will need to allow the traffic through your filter. Using the example above you would need to add the follow statement to access-list 123 to permit inbound www (TCP 80) traffic.

access-list 123 permit tcp any host 172.16.10.1 eq 80