CCNA
Tehran Institute of Technology
Course name: Cisco CCNA
Instructor: Mansour.nch
Senior @ Tehran Institute of Technology
Copyright 2014
Contents
1. Introduction to NAT
2. Static NAT
3. Dynamic NAT
Introduction to NAT
• Before looking at NAT, we need to know something about the address types used in real-world networks.
Private Address
Public Address
Tehran Institute of Technology
Course name: CCNA
Instructor: Mansour.nch
Email: Powerst.basu@gmail.com
Tel: +98 – 935 658 9590
Senior @ Tehran Institute of Technology
Copyright 2014
Private vs. Public
• Public addresses are used to reach the internet,
» because they can be routed on the internet.
• Private addresses are used only within an organization,
» because they cannot be routed on the internet.
Benefits of using NAT
• With NAT, the same private addresses can be reused millions of times all over the world and still have access to the internet.
Security tips on NAT
• For security reasons, NAT also hides your network from the outside world, because the remote node that you connect to over the internet only knows your public address, not the real internal address of your PC.
• NAT provides the translation from the private address to the public address. We connect to the internet from our private address, but behind the scenes the connection is made with a public address.
NAT Types
• Static NAT
• Dynamic NAT
• PAT (Port Address Translation) or NAT Overload
• Static NAT is the type that is used for one-to-one translation of ports or addresses.
• Dynamic NAT is the type that is used with a public address pool, and works with more than one public address.
• PAT is the type that translates the outbound traffic of internal nodes to unique port numbers of a single public address.
Keywords on NAT
Inside local: your PC's private address.
Inside global: the public address assigned to your PC.
Outside local: the outside host's public address.
Outside global: same address as the outside local, necessary to translate an outside address to a private address.
How NAT works?
In the example above there are several different addresses. For PC A, these addresses are:
• Inside Local Address - 10.1.1.10
• Inside Global Address - 55.1.1.1
• Outside Global Address - 99.1.1.2
• Outside Local Address - 99.1.1.2
Here PC A's configured address, 10.1.1.10, is the inside local address. When this PC wants to reach the internet, it uses Router A's public address, through PAT, so the inside global address of PC A is 55.1.1.1. During communication with PC B, PC A only accesses PC B's outside global address, 99.1.1.2.
Static NAT
Define Topology
For the static NAT configuration we will use the topology below. Let's first define our routers: think of R1 as your local router and R2 as a router on the Internet. RouterA will be our NAT-configured router.
Define Topology
First you must configure the interface IP addresses on all three routers. Then you must add a static route on each end pointing to the other. Once ping succeeds from each end to the other, the topology is ready for our NAT configuration.
Define Topology
R1
R1# conf terminal
R1(config)# int f0/0
R1(config-if)# ip address 192.168.0.1 255.255.255.0
R1(config-if)# no shut
R1(config-if)# exit
R1(config)# ip route 10.10.10.0 255.255.255.0 192.168.0.2
R1(config)# exit
R1# copy run start
Define Topology
R2
R2# conf terminal
R2(config)# int f0/0
R2(config-if)# ip address 10.10.10.1 255.255.255.0
R2(config-if)# no shut
R2(config-if)# exit
R2(config)# ip route 192.168.0.0 255.255.255.0 10.10.10.2
R2(config)# exit
R2# copy run start
Define Topology
RouterA
RouterA# conf terminal
RouterA(config)# int f0/0
RouterA(config-if)# ip address 192.168.0.2 255.255.255.0
RouterA(config-if)# ip nat inside
RouterA(config-if)# no shut
RouterA(config-if)# exit
RouterA(config)# int f0/1
RouterA(config-if)# ip address 10.10.10.2 255.255.255.0
RouterA(config-if)# ip nat outside
RouterA(config-if)# no shut
RouterA(config-if)# end
RouterA# copy run start
Verify Configurations
R1# ping 10.10.10.1
R2# ping 192.168.0.1
• Now let's enable the "debug ip packet" command on R2 and ping from R1 to R2. As you can see below, the source address is R1's fa0/0 interface address and the destination address is R2's fa0/0 address. After the NAT configuration, this source address will change to RouterA's fa0/1 interface IP address.
Verify Configurations
• Finally, for the private-to-public mapping, we need one extra command on RouterA:
RouterA(config)# ip nat inside source static 192.168.0.1 10.10.10.2
• After configuring RouterA with this command, ping from R1 to R2 again and check the "debug ip packet" output. As you can see below, the new source IP address is the IP address of RouterA's fa0/1 interface.
Dynamic NAT
Scenario
A network associate is configuring a router for the Weaver company to provide internet access. The ISP has provided the company six public IP addresses of 198.18.184.105 – 198.18.184.110. The company has 14 hosts that need to access the internet simultaneously. The hosts in the company LAN have been assigned private space addresses in the range of 192.168.100.17 – 192.168.100.30.
Scenario
• The following have already been configured on the router:
- The basic router configuration
- The appropriate interfaces have been configured for NAT inside and NAT outside
- The appropriate static routes have also been configured (since the company will be a stub network, no routing protocol will be required)
- All passwords have been temporarily set to "cisco"
• The task is to complete the NAT configuration using all IP addresses assigned by the ISP to provide Internet access for the hosts in the Weaver LAN. Functionality can be tested by clicking on the host provided for testing.
• Configuration information
Router name – Weaver
Inside global addresses – 198.18.184.105 – 198.18.184.110/29
Inside local addresses – 192.168.100.17 – 192.168.100.30/28
Number of inside hosts – 14
Solution (step by step)
1. What is the IP addressing of the scenario?
The Local Area Network has been assigned the addresses 192.168.100.17 to 192.168.100.30 (private IPs), and the subnet mask used is /28, or 255.255.255.240.
Solution (step by step)
What is the IP addressing of the scenario?
We need to translate these LAN addresses into the public IPs 198.18.184.105 – 198.18.184.110.
Solution (step by step)
So, what is the problem with the IP addressing?
The company has 14 hosts in the LAN that need to access the Internet simultaneously, but we have just 6 public IPs. So we need to configure NAT overloading, or Port Address Translation (PAT).
Solution (step by step)
Step 1: Create a standard access-list that specifies the private IPs to be translated, i.e., 192.168.100.17 – 192.168.100.30
Step 2: Create a pool of public IPs to be allocated, i.e., 198.18.184.105 – 198.18.184.110
Step 3: Use the "ip nat inside source …." command to link the access-list and the pool so that NAT overloading can be performed.
Step 4: Use the ip nat inside and ip nat outside commands on the FastEthernet and Serial interfaces respectively.
Solution (step by step)
• To access the Weaver router, click on Console PC --> Desktop --> Terminal --> OK
Router>enable
Router#configure terminal
• Change the router's name to Weaver as given in the lab.
Router(config)#hostname Weaver
• Create a NAT pool of global addresses to be allocated, with the subnet mask.
Weaver(config)#ip nat pool NHPOOL 198.18.184.105 198.18.184.110 netmask 255.255.255.248
Solution (step by step)
• Create a standard access control list that permits the private addresses, i.e. the addresses that are to be translated.
Weaver(config)#access-list 10 permit 192.168.100.16 0.0.0.15
Solution (step by step)
• Perform NAT overloading by specifying the access-list and pool defined in the prior steps. This command translates all inside local addresses that pass access list 10 into an address from the pool named NHPOOL.
Weaver(config)#ip nat inside source list 10 pool NHPOOL overload
• As mentioned in the lab, the ip nat inside and ip nat outside commands have already been configured, so we don't need to configure them again on FastEthernet0/0 and Serial0/0 respectively.
• Copy the running configuration into the startup configuration.
Weaver(config)#end
Weaver#copy running-config startup-config
Solution (step by step)
• To verify your lab, click on Host for Testing --> Desktop --> Command Prompt
C:>ping 192.0.2.114
The ping should succeed and you should receive replies from 192.0.2.114.
• Issue the "show ip nat translation" command on the Weaver router to verify the translation.
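An added example, not part of the original slides: a simplified Python model of the translation table behind the static mapping on RouterA and the overloaded pool on Weaver, using the addresses from the slides. The class and function names, the per-address port budget and the constructed traffic (every host sending from source port 5000) are assumptions, and the port selection is a simplification of what a real router does.

```python
import ipaddress


def acl_permits(src, base, wildcard):
    """IOS standard-ACL match: bits set in the wildcard mask are ignored."""
    s, b, w = (int(ipaddress.IPv4Address(x)) for x in (src, base, wildcard))
    return ((s ^ b) & ~w & 0xFFFFFFFF) == 0


def pool_addresses(start, end, netmask):
    """Expand 'ip nat pool NAME start end netmask mask' into its addresses."""
    net = ipaddress.IPv4Network(f"{start}/{netmask}", strict=False)
    lo, hi = ipaddress.IPv4Address(start), ipaddress.IPv4Address(end)
    if lo > hi or hi not in net:
        raise ValueError("pool range does not fit inside the netmask")
    return [str(ipaddress.IPv4Address(i)) for i in range(int(lo), int(hi) + 1)]


class NatRouter:
    """Simplified model of a static mapping plus an overloaded (PAT) pool."""

    def __init__(self, acl=None, pool=(), ports_per_address=64512):
        self.acl = acl                # (base, wildcard) of the standard ACL, or None
        self.pool = list(pool)        # inside global addresses available for PAT
        self.cap = ports_per_address  # assumed port budget per pool address
        self.static = {}              # inside local ip -> inside global ip (permanent)
        self.out = {}                 # (proto, inside local ip, port) -> (inside global ip, port)
        self.back = {}                # (proto, inside global ip, port) -> (inside local ip, port)

    def add_static(self, inside_local, inside_global):
        self.static[inside_local] = inside_global

    def _allocate(self, proto, want_port):
        for addr in self.pool:
            used = {p for (pr, a, p) in self.back if pr == proto and a == addr}
            if len(used) >= self.cap:
                continue              # address full: overflow to the next pool address
            port = want_port
            while port in used:       # keep the source port if free, else take the next one
                port = port + 1 if port < 65535 else 1024
            return addr, port
        raise RuntimeError("NAT pool exhausted")

    def outbound(self, proto, src, sport):
        """Packet leaving the inside: its translated (ip, port), or None if untranslated."""
        if src in self.static:
            return self.static[src], sport
        if self.acl is None or not acl_permits(src, *self.acl):
            return None
        key = (proto, src, sport)
        if key not in self.out:
            glob = self._allocate(proto, sport)
            self.out[key] = glob
            self.back[(proto, *glob)] = (src, sport)
        return self.out[key]

    def inbound(self, proto, dst, dport):
        """Packet arriving from outside: the inside (ip, port) it maps to, or None."""
        for local, glob in self.static.items():
            if glob == dst:
                return local, dport   # static entry is permanent: no prior outbound needed
        return self.back.get((proto, dst, dport))


def weaver_lab(ports_per_address=64512):
    """Weaver scenario from the slides; returns (router, translation per host)."""
    pool = pool_addresses("198.18.184.105", "198.18.184.110", "255.255.255.248")
    router = NatRouter(acl=("192.168.100.16", "0.0.0.15"), pool=pool,
                       ports_per_address=ports_per_address)
    rows = []
    for last in range(17, 31):        # the 14 inside hosts
        host = f"192.168.100.{last}"
        try:                          # constructed traffic: TCP from source port 5000
            rows.append((host, router.outbound("tcp", host, 5000)))
        except RuntimeError:
            rows.append((host, None))  # no address or port left for this host
    return router, rows


def router_a_static():
    """RouterA from the static NAT slides: 192.168.0.1 <-> 10.10.10.2."""
    router = NatRouter()
    router.add_static("192.168.0.1", "10.10.10.2")
    return router


if __name__ == "__main__":
    _, rows = weaver_lab()
    print(f"{'Inside global':<24}Inside local")
    for host, glob in rows:
        print(f"{glob[0] + ':' + str(glob[1]):<24}{host}:5000")
```

With a budget of one port per address the model behaves like dynamic NAT without overload, and only 6 of the 14 hosts get a translation. The static entry answers inbound lookups without any prior outbound packet, so an inside host published this way needs its own inbound filtering.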

More Related Content

What's hot

Ipo spaces calling document-v1
Ipo spaces calling document-v1Ipo spaces calling document-v1
Ipo spaces calling document-v1ManmeetShandilya2
 
network address translate
network address translate network address translate
network address translate ahmedOday
 
Network Address Translation (NAT)
Network Address Translation (NAT)Network Address Translation (NAT)
Network Address Translation (NAT)Joud Khattab
 
IPv6 - Neighbour Discovery
IPv6 - Neighbour DiscoveryIPv6 - Neighbour Discovery
IPv6 - Neighbour DiscoveryHeba_a
 
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
 Configuring a Cisco Router as a PPPoE Client for DSL Connectivity Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity3Anetwork com
 
Network address translation pdf
Network address translation pdfNetwork address translation pdf
Network address translation pdfMadhusudhan Anand
 
Cisco IPv6 Tutorial
Cisco IPv6 TutorialCisco IPv6 Tutorial
Cisco IPv6 Tutorialkriz5
 
IPv6 Best Practice
IPv6 Best PracticeIPv6 Best Practice
IPv6 Best Practiceflyingpotato
 
IPv6 Autoconfig
IPv6 AutoconfigIPv6 Autoconfig
IPv6 AutoconfigFred Bovy
 
Neighbor Discovery Deep Dive – IPv6-Networking-Referat
Neighbor Discovery Deep Dive – IPv6-Networking-ReferatNeighbor Discovery Deep Dive – IPv6-Networking-Referat
Neighbor Discovery Deep Dive – IPv6-Networking-ReferatDigicomp Academy AG
 
Network address translation
Network address translationNetwork address translation
Network address translationVarsha Honde
 
Nad710 Network Address Translation
Nad710   Network Address TranslationNad710   Network Address Translation
Nad710 Network Address Translationtmavroidis
 
Cisco presentation2
Cisco presentation2Cisco presentation2
Cisco presentation2ehsan nazer
 
Transitioning IPv4 to IPv6
Transitioning IPv4 to IPv6Transitioning IPv4 to IPv6
Transitioning IPv4 to IPv6Jhoni Guerrero
 

What's hot (20)

Ipo spaces calling document-v1
Ipo spaces calling document-v1Ipo spaces calling document-v1
Ipo spaces calling document-v1
 
network address translate
network address translate network address translate
network address translate
 
Network Address Translation (NAT)
Network Address Translation (NAT)Network Address Translation (NAT)
Network Address Translation (NAT)
 
What is Network Address Translation (NAT)
What is Network Address Translation (NAT)What is Network Address Translation (NAT)
What is Network Address Translation (NAT)
 
Network address translation
Network address translationNetwork address translation
Network address translation
 
Ccna 2 chapter 11 2014 v5
Ccna 2 chapter 11 2014 v5Ccna 2 chapter 11 2014 v5
Ccna 2 chapter 11 2014 v5
 
IPv6 - Neighbour Discovery
IPv6 - Neighbour DiscoveryIPv6 - Neighbour Discovery
IPv6 - Neighbour Discovery
 
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
 Configuring a Cisco Router as a PPPoE Client for DSL Connectivity Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
 
Network address translation pdf
Network address translation pdfNetwork address translation pdf
Network address translation pdf
 
Cisco IPv6 Tutorial
Cisco IPv6 TutorialCisco IPv6 Tutorial
Cisco IPv6 Tutorial
 
IPv6 Best Practice
IPv6 Best PracticeIPv6 Best Practice
IPv6 Best Practice
 
IPv6 theoryfinalx
IPv6 theoryfinalxIPv6 theoryfinalx
IPv6 theoryfinalx
 
Static NAT
Static NATStatic NAT
Static NAT
 
IPv6 Autoconfig
IPv6 AutoconfigIPv6 Autoconfig
IPv6 Autoconfig
 
Basic of IPv6
Basic of IPv6Basic of IPv6
Basic of IPv6
 
Neighbor Discovery Deep Dive – IPv6-Networking-Referat
Neighbor Discovery Deep Dive – IPv6-Networking-ReferatNeighbor Discovery Deep Dive – IPv6-Networking-Referat
Neighbor Discovery Deep Dive – IPv6-Networking-Referat
 
Network address translation
Network address translationNetwork address translation
Network address translation
 
Nad710 Network Address Translation
Nad710   Network Address TranslationNad710   Network Address Translation
Nad710 Network Address Translation
 
Cisco presentation2
Cisco presentation2Cisco presentation2
Cisco presentation2
 
Transitioning IPv4 to IPv6
Transitioning IPv4 to IPv6Transitioning IPv4 to IPv6
Transitioning IPv4 to IPv6
 

Similar to NAT Scneario

Module (10) NAT for IPV4.pptx
Module (10) NAT for IPV4.pptxModule (10) NAT for IPV4.pptx
Module (10) NAT for IPV4.pptxGeorgeThoreJr
 
CCNA1 v7.0_ ITN Practice PT Skills Assessment (PTSA)12 Answers.pdf
CCNA1 v7.0_ ITN Practice PT Skills Assessment (PTSA)12 Answers.pdfCCNA1 v7.0_ ITN Practice PT Skills Assessment (PTSA)12 Answers.pdf
CCNA1 v7.0_ ITN Practice PT Skills Assessment (PTSA)12 Answers.pdfngombeemmanuel
 
119163798 icnd1-practice-questions-9tut
119163798 icnd1-practice-questions-9tut119163798 icnd1-practice-questions-9tut
119163798 icnd1-practice-questions-9tutnicolelemmimg
 
Telnet configuration
Telnet configurationTelnet configuration
Telnet configurationMdAlAmin187
 
16.) layer 3 (basic tcp ip routing)
16.) layer 3 (basic tcp ip routing)16.) layer 3 (basic tcp ip routing)
16.) layer 3 (basic tcp ip routing)Jeff Green
 
Network address translations
Network address translations Network address translations
Network address translations Shahzad shareef
 
SVR402: DirectAccess Technical Drilldown, Part 2 of 2: Putting it all together.
SVR402: DirectAccess Technical Drilldown, Part 2 of 2: Putting it all together.SVR402: DirectAccess Technical Drilldown, Part 2 of 2: Putting it all together.
SVR402: DirectAccess Technical Drilldown, Part 2 of 2: Putting it all together.Louis Göhl
 
How to link public addresses (real ip) to private ip or lan ip
How to link public addresses (real ip) to private ip or lan ipHow to link public addresses (real ip) to private ip or lan ip
How to link public addresses (real ip) to private ip or lan ipTũi Wichets
 
Lecture 23 DHCP and NAT.pptx
Lecture 23 DHCP and NAT.pptxLecture 23 DHCP and NAT.pptx
Lecture 23 DHCP and NAT.pptxHanzlaNaveed1
 
NAT- Network Address Translation
NAT- Network Address TranslationNAT- Network Address Translation
NAT- Network Address TranslationEng. Emad Al-Atoum
 
Ccna rse chp9 nat fo i_pv4
Ccna rse chp9 nat fo i_pv4Ccna rse chp9 nat fo i_pv4
Ccna rse chp9 nat fo i_pv4newbie2019
 
acn-practical_manual-19-20-1 final.pdf
acn-practical_manual-19-20-1 final.pdfacn-practical_manual-19-20-1 final.pdf
acn-practical_manual-19-20-1 final.pdfQual4
 

Similar to NAT Scneario (20)

Basic Configurations on Router
Basic Configurations on RouterBasic Configurations on Router
Basic Configurations on Router
 
CCNA 1 Final v5.0 2014
CCNA 1 Final  v5.0 2014CCNA 1 Final  v5.0 2014
CCNA 1 Final v5.0 2014
 
Module (10) NAT for IPV4.pptx
Module (10) NAT for IPV4.pptxModule (10) NAT for IPV4.pptx
Module (10) NAT for IPV4.pptx
 
CCNA1 v7.0_ ITN Practice PT Skills Assessment (PTSA)12 Answers.pdf
CCNA1 v7.0_ ITN Practice PT Skills Assessment (PTSA)12 Answers.pdfCCNA1 v7.0_ ITN Practice PT Skills Assessment (PTSA)12 Answers.pdf
CCNA1 v7.0_ ITN Practice PT Skills Assessment (PTSA)12 Answers.pdf
 
119163798 icnd1-practice-questions-9tut
119163798 icnd1-practice-questions-9tut119163798 icnd1-practice-questions-9tut
119163798 icnd1-practice-questions-9tut
 
Telnet configuration
Telnet configurationTelnet configuration
Telnet configuration
 
16.) layer 3 (basic tcp ip routing)
16.) layer 3 (basic tcp ip routing)16.) layer 3 (basic tcp ip routing)
16.) layer 3 (basic tcp ip routing)
 
Network address translations
Network address translations Network address translations
Network address translations
 
SVR402: DirectAccess Technical Drilldown, Part 2 of 2: Putting it all together.
SVR402: DirectAccess Technical Drilldown, Part 2 of 2: Putting it all together.SVR402: DirectAccess Technical Drilldown, Part 2 of 2: Putting it all together.
SVR402: DirectAccess Technical Drilldown, Part 2 of 2: Putting it all together.
 
How to link public addresses (real ip) to private ip or lan ip
How to link public addresses (real ip) to private ip or lan ipHow to link public addresses (real ip) to private ip or lan ip
How to link public addresses (real ip) to private ip or lan ip
 
CCNA Routing Protocols
CCNA Routing Protocols CCNA Routing Protocols
CCNA Routing Protocols
 
Lecture 23 DHCP and NAT.pptx
Lecture 23 DHCP and NAT.pptxLecture 23 DHCP and NAT.pptx
Lecture 23 DHCP and NAT.pptx
 
NAT- Network Address Translation
NAT- Network Address TranslationNAT- Network Address Translation
NAT- Network Address Translation
 
Ccna rse chp9 nat fo i_pv4
Ccna rse chp9 nat fo i_pv4Ccna rse chp9 nat fo i_pv4
Ccna rse chp9 nat fo i_pv4
 
acn-practical_manual-19-20-1 final.pdf
acn-practical_manual-19-20-1 final.pdfacn-practical_manual-19-20-1 final.pdf
acn-practical_manual-19-20-1 final.pdf
 
Nat
NatNat
Nat
 
Nat 03
Nat 03Nat 03
Nat 03
 
Networking 101
Networking 101Networking 101
Networking 101
 
Networking 101
Networking 101Networking 101
Networking 101
 
Networking 101
Networking 101Networking 101
Networking 101
 

More from Mansour Naslcheraghi

More from Mansour Naslcheraghi (10)

International Conference on Telecommunications
International Conference on TelecommunicationsInternational Conference on Telecommunications
International Conference on Telecommunications
 
Content Delivery Networks
Content Delivery NetworksContent Delivery Networks
Content Delivery Networks
 
Lte signaling
Lte signalingLte signaling
Lte signaling
 
Efficient resource allocation for device to-device
Efficient resource allocation for device to-deviceEfficient resource allocation for device to-device
Efficient resource allocation for device to-device
 
Ip addressing
Ip addressingIp addressing
Ip addressing
 
Enable device to-device communications underlaying networks
Enable device to-device communications underlaying networksEnable device to-device communications underlaying networks
Enable device to-device communications underlaying networks
 
Mobile Millimeter-Waves Makeover
Mobile Millimeter-Waves MakeoverMobile Millimeter-Waves Makeover
Mobile Millimeter-Waves Makeover
 
Coding
CodingCoding
Coding
 
Oqpsk
OqpskOqpsk
Oqpsk
 
Tele operation systems
Tele operation systemsTele operation systems
Tele operation systems
 

Recently uploaded

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 

Recently uploaded (20)

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 

NAT Scenario

  • 1. CCNA. Tehran Institute of Technology. Course name: Cisco CCNA. Instructor: Mansour.nch, Senior @ Tehran Institute of Technology. Copyright 2014
  • 2. Contents
    1. Introduction to NAT
    2. Static NAT
    3. Dynamic NAT
  • 3. Introduction to NAT
    Before looking at NAT technology, we need to know a little about the address types used in real-world networks:
    • Private Address
    • Public Address
    Contact: Email: Powerst.basu@gmail.com Tel: +98 – 935 658 9590
  • 4. Private VS Public
    Public addresses are used to reach the Internet, because they can be routed on the Internet.
    Private addresses are used within an organization only, because they cannot be routed on the Internet.
  • 5. Using NAT benefits
    With NAT, the same private addresses can be used millions of times all over the world and still have access to the Internet.
  • 6. Security tips on NAT
    For security reasons, NAT also hides your network from the outside world, because the remote node that you connect to over the Internet only knows your public address, not the real internal address of your PC.
    NAT provides the translation from private address to public address. We connect to the Internet with our private address, but in reality, in the background, this is done with a public address.
  • 7. NAT Types
    • Static NAT
    • Dynamic NAT
    • PAT (Port Address Translation) or NAT Overload
    Static NAT is used for one-to-one translation of ports or addresses. Dynamic NAT is used with a public address pool and works with more than one public address. PAT translates the outbound traffic of internal nodes to unique port numbers of a single public address.
  • 8. Keywords on NAT
    Inside local: your PC's private address.
    Inside global: the public address assigned to your PC.
    Outside local: the outside host's public address.
    Outside global: the same address as the outside local; necessary to translate an outside address to a private address.
  • 9. How NAT works?
    In the example above there are different addresses. For PC A, these addresses are:
    • Inside Local Address - 10.1.1.10
    • Inside Global Address - 55.1.1.1
    • Outside Global Address - 99.1.1.2
    • Outside Local Address - 99.1.1.2
    Here PC A's configured address, 10.1.1.10, is the inside local address. When this PC wants to go to the Internet, it will use Router A's public address, using PAT. So the inside global address of PC A is 55.1.1.1. During communication with PC B, PC A accesses only PC B's outside global address, 99.1.1.2.
  • 10. Static NAT
  • 11. Define Topology
    For static NAT configuration, we will use the topology below. Let's first define our routers. Think of R1 as your local router and R2 as a router on the Internet. Finally, RouterA will be our NAT-configured router.
  • 12. Define Topology
    First you must configure the interface IP addresses on all three routers. Then you must add a static route from each end to the other. Once ping succeeds from both ends to the other end, the topology is ready for our NAT configuration.
  • 13. Define Topology: R1
      R1# conf terminal
      R1(config)# int f0/0
      R1(config-if)# ip address 192.168.0.1 255.255.255.0
      R1(config-if)# no shut
      R1(config-if)# exit
      R1(config)# ip route 10.10.10.0 255.255.255.0 192.168.0.2
      R1(config)# exit
      R1# copy run start
  • 14. Define Topology: R2
      R2# conf terminal
      R2(config)# int f0/0
      R2(config-if)# ip address 10.10.10.1 255.255.255.0
      R2(config-if)# no shut
      R2(config-if)# exit
      R2(config)# ip route 192.168.0.0 255.255.255.0 10.10.10.2
      R2(config)# exit
      R2# copy run start
    (www.Win2Farsi.com)
  • 15. Define Topology: RouterA
      RouterA# conf terminal
      RouterA(config)# int f0/0
      RouterA(config-if)# ip address 192.168.0.2 255.255.255.0
      RouterA(config-if)# no shut
      RouterA(config-if)# exit
      RouterA(config)# int f0/1
      RouterA(config-if)# ip address 10.10.10.2 255.255.255.0
      RouterA(config-if)# no shut
      RouterA(config-if)# end
      RouterA# copy run start
  • 16. Verify Configurations
      R1# ping 10.10.10.1
      R2# ping 192.168.0.1
    Here, let's run the "debug ip packet" command on R2 and ping from R1 to R2. As you can see below, the source address will be R1's fa0/0 interface address and the destination address will be R2's fa0/0 address. After NAT configuration, this source address will change to RouterA's fa0/1 interface IP address.
  • 17. Verify Configurations
    Lastly, for the private-to-public mapping, we need an extra command on RouterA:
      RouterA(config)# ip nat inside source static 192.168.0.1 10.10.10.2
    After configuring RouterA with this command, let's ping from R1 to R2 again and check the debug ip packet output. Here, as you can see below, the new source IP address is the IP address of RouterA's fa0/1 interface.
  • 18. Dynamic NAT
  • 19. Scenario
    A network associate is configuring a router for the Weaver company to provide Internet access. The ISP has provided the company six public IP addresses, 198.18.184.105 – 198.18.184.110. The company has 14 hosts that need to access the Internet simultaneously. The hosts in the company LAN have been assigned private space addresses in the range 192.168.100.17 – 192.168.100.30.
  • 20. Scenario
    The following have already been configured on the router:
    - The basic router configuration
    - The appropriate interfaces have been configured for NAT inside and NAT outside
    - The appropriate static routes have also been configured (since the company will be a stub network, no routing protocol will be required)
    - All passwords have been temporarily set to "cisco"
    The task is to complete the NAT configuration using all IP addresses assigned by the ISP to provide Internet access for the hosts in the Weaver LAN. Functionality can be tested by clicking on the host provided for testing.
    Configuration information:
    Router name – Weaver
    Inside global addresses – 198.18.184.105 – 198.18.184.110/29
    Inside local addresses – 192.168.100.17 – 192.168.100.30/28
    Number of inside hosts – 14
  • 21. Solution (step by step)
    1. What is the IP addressing of the scenario?
    The Local Area Network has been assigned the addresses 192.168.100.17 to 192.168.100.30 (private IPs), and the subnet mask used is /28, or 255.255.255.240.
  • 22. Solution (step by step)
    What is the IP addressing of the scenario?
    We need to translate these LAN addresses into 198.18.184.105 – 198.18.184.110 (public IPs).
  • 23. Solution (step by step)
    So, what is the problem with the IP addressing?
    The company has 14 hosts in the LAN that need to access the Internet simultaneously, but we have just 6 public IPs. So we need to configure NAT overloading, or Port Address Translation (PAT).
  • 24. Solution (step by step)
    Step 1: Create a standard access-list that specifies the private IPs to be translated, i.e., 192.168.100.17 – 192.168.100.30.
    Step 2: Create a POOL of public IPs to be allocated, i.e., 198.18.184.105 – 198.18.184.110.
    Step 3: Use the "ip nat inside source …." command to link the ACCESS-LIST and POOL so that NAT overloading can be performed.
    Step 4: Use the ip nat inside and ip nat outside commands on the FastEthernet and Serial interfaces respectively.
  • 25. Solution (step by step)
    To access the Weaver router, click on Console PC --> Desktop --> Terminal --> OK.
      Router>enable
      Router#configure terminal
    Change the router's name to Weaver, as given in the lab:
      Router(config)#hostname Weaver
    Create a NAT pool of global addresses to be allocated, with the subnet mask:
      Weaver(config)#ip nat pool NHPOOL 198.18.184.105 198.18.184.110 netmask 255.255.255.248
  • 26. Solution (step by step)
    Create a standard access control list that permits the private addresses, that is, the addresses that are to be translated:
      Weaver(config)#access-list 10 permit 192.168.100.16 0.0.0.15
  • 27. Solution (step by step)
    Perform NAT overloading by specifying the access-list and pool defined in the prior steps. This command translates all inside local addresses that pass access list 10 into an address from the pool named NHPOOL:
      Weaver(config)#ip nat inside source list 10 pool NHPOOL overload
    As mentioned in the lab, the ip nat inside and ip nat outside commands have already been configured, so we don't need to configure them again on FastEthernet0/0 and Serial0/0 respectively.
    Copy the running configuration into the startup configuration:
      Weaver#copy running-config startup-config
  • 29. Solution (step by step)
    To verify your lab, click on Host for Testing --> Desktop --> Command Prompt.
      C:>ping 192.0.2.114
    The ping should work and you will get replies from 192.0.2.114.
    Issue the "show ip nat translation" command on the Weaver router to verify the translation.
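A review check for the static NAT configuration on slides 15 and 17, added here as an example and not part of the original slides. `ROUTER_A` restates the slide commands in running-config form (constructed), and `audit_static_nat` is a hypothetical helper; it reports whether the inside and outside interfaces are marked, and what the static entry exposes.

```python
import re

# RouterA's commands from slides 15 and 17, rewritten here in
# running-config form (constructed for this example).
ROUTER_A = """\
interface FastEthernet0/0
 ip address 192.168.0.2 255.255.255.0
interface FastEthernet0/1
 ip address 10.10.10.2 255.255.255.0
ip nat inside source static 192.168.0.1 10.10.10.2
"""


def audit_static_nat(config):
    """Return review findings for the static NAT statements in a config."""
    roles, addrs, statics, current = {}, {}, [], None
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.fullmatch(r"interface (\S+)", line):
            current = m.group(1)
        elif m := re.fullmatch(r"ip address (\S+) (\S+)", line):
            addrs[current] = m.group(1)
        elif line in ("ip nat inside", "ip nat outside"):
            roles[current] = line.split()[-1]
        elif m := re.fullmatch(r"ip nat inside source static (\S+) (\S+)", line):
            statics.append((m.group(1), m.group(2)))
    findings = []
    for role in ("inside", "outside"):
        if statics and role not in roles.values():
            findings.append(f"no interface is marked 'ip nat {role}'")
    for local, glob in statics:
        owners = [name for name, ip in addrs.items() if ip == glob]
        if owners:
            findings.append(f"global {glob} is {owners[0]}'s own address")
        # A static entry is permanent and works in both directions.
        findings.append(f"outside hosts can open sessions to {local} via {glob}")
    return findings


if __name__ == "__main__":
    for finding in audit_static_nat(ROUTER_A):
        print("-", finding)
```

The first two findings disappear once the ip nat inside and ip nat outside commands from step 4 of the dynamic NAT solution are applied to RouterA's f0/0 and f0/1.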
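A model of the Weaver solution (slides 19 to 29), added here as an example and not part of the original slides: it checks which addresses access-list 10's wildcard mask matches and shows how 14 hosts share the NHPOOL addresses by port. `acl_permits`, `PatTable` and `share_pool` are hypothetical names, and the port-allocation rule is a simplified assumption, not IOS's exact allocator.

```python
import ipaddress
from itertools import chain

# Values from the Weaver scenario on this page.
POOL = [f"198.18.184.{n}" for n in range(105, 111)]      # NHPOOL
HOSTS = [f"192.168.100.{n}" for n in range(17, 31)]      # 14 inside hosts


def acl_permits(addr, base="192.168.100.16", wildcard="0.0.0.15"):
    """access-list 10: bits set in the wildcard mask are ignored."""
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    as_int = lambda a: int(ipaddress.IPv4Address(a))
    return (as_int(addr) & care) == (as_int(base) & care)


class PatTable:
    """Simplified overload model (an assumption, not IOS's exact port
    allocator): keep the source port if it is free on the current pool
    address, else take the next free port, else move to the next address."""

    def __init__(self, pool, ports=range(1024, 65536)):
        self.pool, self.ports = pool, ports
        self.out = {}    # (inside local, port) -> (inside global, port)
        self.back = {}   # (inside global, port) -> (inside local, port)

    def translate(self, src, sport):
        """Outbound packet: return the translated source, or None."""
        key = (src, sport)
        if key in self.out or not acl_permits(src):
            return self.out.get(key)
        for gip in self.pool:
            for gport in chain([sport], self.ports):
                if (gip, gport) not in self.back:
                    self.out[key], self.back[gip, gport] = (gip, gport), key
                    return gip, gport
        return None  # pool and ports exhausted

    def inbound(self, gip, gport):
        """Return traffic: the owning inside host, or None (no entry)."""
        return self.back.get((gip, gport))


def share_pool(hosts=HOSTS, sport=50000):
    """All hosts open a flow from the same source port at once."""
    table = PatTable(POOL)
    return table, [table.translate(h, sport) for h in hosts]
```

Because several inside hosts sit behind one inside global address, tracing an address seen outside back to a host needs the global port and the translation table from that moment, which is what `inbound` looks up.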