Hi ! everyone on today we are going to learn about how to configure nat using packet tracer which is given below.
Staic NAT
R0#configure terminal
R0(config)#int loopback0
R0(config-if)#ip address 10.0.0.1 255.0.0.0
R0(config-if)#ip nat inside
R0(config-if)#int f0/0
R0(config-if)#ip address 200.0.0.1 255.255.255.0
R0(config-if)#no shutdown
R0(config-if)#ip nat outside
R0(config-if)#exit
R0(config)#ip nat inside source static 10.0.0.1 200.0.0.2
R1#config terminal
R1(config)#int f0/0
R1(config-if)#ip address 200.0.0.10 255.255.255.0
R1(config-if)#no shutdown
R0#show ip nat translations
Now if we want to use the extended ping command (without NAT configured) this will be the results shown:
Thus, We can't ping from the loopback interface as shown in above screenshot.
Dynamic NAT
RouterA(config)# access-list 1 permit 192.168.0.0 0.0.0.255
RouterA(config)# ip nat pool PoolforNAT 200.23.123.6 200.23.123.10 netmask 255.255.255.0
RouterA(config)# ip nat inside source list 1 pool PoolforNAT
RouterA(config)# int loopback0
RouterA(config-if)# ip nat inside
RouterA(config-if)# int fa0/0
RouterA(config-if)# ip nat outside
RouterA(config)# access-list 1 permit 192.168.0.0 0.0.0.255
RouterA(config)# ip nat inside source list 1 interface fa0/0 overload
RouterA(config)# interface fa0/0
RouterA(config-if)# ip nat outside
RouterA(config-if)# interface loopback0
RouterA(config-if)# ip nat inside
Staic NAT
R0#configure terminal
R0(config)#int loopback0
R0(config-if)#ip address 10.0.0.1 255.0.0.0
R0(config-if)#ip nat inside
R0(config-if)#int f0/0
R0(config-if)#ip address 200.0.0.1 255.255.255.0
R0(config-if)#no shutdown
R0(config-if)#ip nat outside
R0(config-if)#exit
R0(config)#ip nat inside source static 10.0.0.1 200.0.0.2
R1#config terminal
R1(config)#int f0/0
R1(config-if)#ip address 200.0.0.10 255.255.255.0
R1(config-if)#no shutdown
R0#show ip nat translations
we want to test our NAT configuration we have to ping from R0’s loopback interface by using the ping extended command:
We can use the extended ping command by typing only “ping” at the privileged mode, specify the “target IP address” and type “y” at the “Extended commands” and specify the “source address or interface”
To approve NAT works well we can disable static NAT with the following command
R0(config)#no ip nat inside source static 10.0.0.1 200.0.0.2Now if we want to use the extended ping command (without NAT configured) this will be the results shown:
Thus, We can't ping from the loopback interface as shown in above screenshot.
Dynamic NAT
RouterA(config)# access-list 1 permit 192.168.0.0 0.0.0.255
RouterA(config)# ip nat pool PoolforNAT 200.23.123.6 200.23.123.10 netmask 255.255.255.0
RouterA(config)# ip nat inside source list 1 pool PoolforNAT
RouterA(config)# int loopback0
RouterA(config-if)# ip nat inside
RouterA(config-if)# int fa0/0
RouterA(config-if)# ip nat outside
Configure PAT (NAT Overload)
> Configure a standard access list to define what internal traffic will be translated
> Link the access list to the interface to be used for PAT
> Define interfaces as either inside or outside
PAT router commands> Link the access list to the interface to be used for PAT
> Define interfaces as either inside or outside
RouterA(config)# access-list 1 permit 192.168.0.0 0.0.0.255
RouterA(config)# ip nat inside source list 1 interface fa0/0 overload
RouterA(config)# interface fa0/0
RouterA(config-if)# ip nat outside
RouterA(config-if)# interface loopback0
RouterA(config-if)# ip nat inside
No comments:
Post a Comment