Lab 1.1.4c Configuring Static NAT Addresses

Similar documents
Lab 1.1.4a Configuring NAT

Lab Verifying NAT and PAT Configuration

Lab Configuring DHCP

Lab Configuring OSPF Timers 2500 Series

Lab Troubleshooting RIP

Lab Command Modes and Router Identification. Objective. Background/Preparation. Step 1 Login to the router in user EXEC mode

Lab Configuring Router Passwords. Objective. Background/Preparation. Step 1 Login to the router in user EXEC mode

Lab Verifying PPP Configuration

Lab Configuring OSPF Authentication 2500 Series

Lab Configuring OSPF Timers

Lab Well-Known Port Numbers and Multiple Sessions

Lab Configuring a Serial Interface

Lab Configuring Legacy DDR

Lab Troubleshooting IP Address Issues Instructor Version 2500

Lab Configuring Dialer Profiles

Lab Using the Boot System Command. Objective. Background/Preparation

Lab Verifying RIP v2 Configuration

Lab Configuring ISDN BRI (U-Interface)

Lab Configuring the OSPF Routing Process

Lab Configuring OSPF Authentication

Lab Establishing and Verifying a Telnet Connection Instructor Version 2500

Lab Configuring Static Routes Instructor Version 2500

Lab Backing up Configuration Files

Backup a copy of a router IOS from flash to a TFTP server. Reload the backup IOS software image from a TFTP server into flash on a router.

Lab 4.2.5a Connectivity Tests Ping

Lab Configuring Legacy DDR

Lab Modifying OSPF Cost Metric

Lab Backing up Configuration Files Instructor Version 2500

This document is exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document for non-commercial distribution and

TELECOMMUNICATION MANAGEMENT AND NETWORKS

Lab Configuring IGRP Instructor Version 2500

Lab VTY Restriction Instructor Version 2500

This document is exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document for non-commercial distribution and

Lab b Standard ACLs Instructor Version 2500

KIM DONNERBORG / RTS. Cisco Lab Øvelse Af Kim Donnerborg / RTS. Side 0 af 8

Lab Troubleshooting Routing Issues with show ip route and show ip protocols Instructor Version 2500

Lab Managing IOS Images with TFTP Instructor Version 2500

Lab Configuring Port Address Translation (PAT) Topology

Lab Router Configuration Using Setup Instructor Version 2500

Lab Configuring Dynamic and Static NAT (Solution)

Lab Configuring Dynamic and Static NAT (Instructor Version Optional Lab)

Lab Add, Move, and Change MAC Addresses

Lab Configuring Inter-VLAN Routing

Lab Troubleshooting Routing Issues with debug Instructor Version 2500

Lab Managing the MAC Address Table 2900XL Series

Lab Command Line Fundamentals Instructor Version 2500

Lab Verifying VLAN Configurations

Lab Configuring Port Address Translation (PAT) (Instructor Version)

Lab Correcting RIPv2 Routing Problems

Lab Advanced Telnet Operations Instructor Version 2500

Lab Spanning-Tree Recalculation

Lab 9.1.5b Trunking with 802.1q

Lab Configuring and Verifying Extended ACLs Topology

Lab Configuring Static VLANs

Lab 5.6.2: Challenge RIP Configuration

Lab Troubleshooting Using traceroute Instructor Version 2500

Lab Selecting the Root Bridge

Lab Analyzing a Test Plan and Performing a Test

Network Cable : Configure & Verifying Cross-Over Cable. Network Profile: Network Discovery, File and Printer sharing

Lab Managing Router Configuration Files with Terminal Emulation Software

CCNA Explorer 1 Chapter 11 Configuring & Testing Your Network

Lab : Challenge OSPF Configuration Lab. Topology Diagram. Addressing Table. Default Gateway. Device Interface IP Address Subnet Mask

Antonio Cianfrani. Packet Tracer

Lab 2.8.2: Challenge Static Route Configuration

Lab - Building a Switch and Router Network

Device Interface IP Address Subnet Mask Default Gateway

Lab Using the CLI to Gather Network Device Information Topology

Lab VTP Client and Server Configurations

Lab Password Recovery Procedure on a Catalyst 2900 Series Switches

Lab 9.6.2: Challenge EIGRP Configuration Lab

Lab b Simple DMZ Extended Access Lists Instructor Version 2500

Lab 1.3.2: Review of Concepts from Exploration 1 - Challenge

Lab Password Recovery Procedure on a Catalyst 2950 Series Switch 2900XL Series

PT Activity 2.5.1: Basic Switch Configuration

Lab Troubleshooting WAN Connectivity

Lab Configuring and Verifying Standard IPv4 ACLs Topology

Lab 9.1.5a Trunking with ISL 2924XL Series

Lab: RIP v2 with VLSM

Lab - Troubleshooting ACL Configuration and Placement Topology

Lab Configuring TCP Load Distribution

Lab - Troubleshooting DHCPv4 Topology

CCNA 1 Chapter 2 v5.0 Exam Answers %

Lab Capturing and Analyzing Network Traffic

SEMESTER 2 Chapter 1 Planning and Cabling a Network V 4.0

Lab 6.2.7a Managing Switch Operating System Files

Chapter 8: Lab B: Configuring a Remote Access VPN Server and Client

Lab Configuring and Verifying Standard ACLs Topology

Lab Troubleshooting Basic PPP with Authentication Topology

Lab 3: Basic Device Configuration

Cisco IOS Configuration Basics

Lab 5.2.6b Managing IOS Images with ROMmon and Xmodem Instructor Version 2500

This document is exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document for non-commercial distribution and

Lab Catalyst 2950T and 3550 Series Basic Setup

Lab - Designing and Implementing a Subnetted IPv4 Addressing Scheme

Lab - Examining Telnet and SSH in Wireshark

Student Instructions: "Rob Router" Learns How to Communicate...Again!

Hochschule Bremen Networking Lab

Lab Troubleshooting VTP Configuration

Chapter 10 Configure AnyConnect Remote Access SSL VPN Using ASDM

Lab Configuring and Verifying Standard IPv4 ACLs (Instructor Version Optional Lab)

Transcription:

Lab 1.1.4c Configuring Static NAT Addresses Objective Configure a router to use network address translation (NAT) to convert internal IP addresses, typically private addresses, into outside public addresses. Configure static IP mapping to allow outside access to an internal PC. Background/Preparation The ISP has allocated a company the public classless interdomain routing (CIDR) IP address 199.99.9.32/27. This is equivalent to 30 public IP addresses. Since the company has an internal requirement for more than 30 addresses, the IT manager has decided to use NAT. Addresses 199.99.9.33 199.99.9.39 will be reserved for static allocation and 199.99.9.40 199.99.9.62 for dynamic allocation. Routing between the ISP and the gateway router will be done using a static route between the ISP and the gateway, and a default route between the gateway and the ISP. The ISP connection to the Internet will be represented by a loopback address on the ISP router. Cable a network similar to the one in the diagram. Any router that meets the interface requirements displayed on the above diagram may be used. This includes the following and any of their possible combinations: 800 series routers 1600 series routers 1700 series routers 2500 series routers 1-7 CCNA 4: WAN Technologies v 3.1 - Lab 1.1.4c Copyright 2003, Cisco Systems, Inc.

2600 series routers Please refer to the chart at the end of the lab to correctly identify the interface identifiers to be used based on the equipment in this lab. The configuration output used in this lab is produced from 1721 series routers. Any other router used may produce slightly different output. Conduct the following steps on each router unless specifically instructed otherwise. Start a HyperTerminal session. Note: Refer to the erase and reload instructions at the end of this lab. Perform those steps on all routers in this lab assignment before continuing. Step 1 Configure the routers Configure all of the following according to the chart: The hostname The console password The virtual terminal password The enable secret password The interfaces If problems occur during this configuration, refer to the configuration reference sheet at the end of this lab for help. Step 2 Save the configuration At the privileged EXEC mode prompt, on both routers, type the command copy running-config startup-config. Step 3 Configure the hosts with the proper IP address, subnet mask, and default gateway Each workstation should be able to ping the attached router. If the ping was not successful, troubleshoot as necessary. Check and verify that the workstation has been assigned a specific IP address and default gateway. If running Windows 98, check using Start > Run > winipcfg. If running Windows 2000 or higher, check using ipconfig in a DOS window. Step 4 Verify that the network is functioning a. From the attached hosts, ping the FastEthernet interface of the default gateway router. b. Was the ping from the first host successful? c. Was the ping from the second host successful? d. If the answer is no for either question, troubleshoot the router and host configurations to find the error. Then ping again until they both are successful. Step 5 Create a static route a. Create a static route from the ISP to the Gateway router. Addresses 199.99.9.32/27 have been allocated for Internet access outside of the company. Use the ip route command to create the static route: ISP(config)#ip route 199.99.9.32 255.255.255.224 200.2.2.18 b. Is the route in the routing table? c. What command checks the routing table contents? 2-7 CCNA 4: WAN Technologies v 3.1 - Lab 1.1.4c Copyright 2003, Cisco Systems, Inc.

d. If the route was not in the routing table, give one reason why this might be so? Step 6 Create a default route a. Add a default route from the Gateway router to the ISP router using the ip route command. This will forward any unknown destination address traffic to the ISP: Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17 b. Is the route in the routing table? c. Try to ping from one of the workstations to the ISP serial interface IP address. d. Was the ping successful? e. Why? Step 7 Define the pool of usable public IP addresses To define the pool of public addresses, use the ip nat pool command: Gateway(config)#ip nat pool public_access 199.99.9.40 199.99.9.62 netmask 255.255.255.224 Step 8 Define an access list that will match the inside private IP addresses To define the access list to match the inside private addresses, use the access-list command: Gateway(config)#access-list 1 permit 10.10.10.0 0.0.0.255 Step 9 Define the NAT translation from inside list to outside pool To define the NAT translation, use the ip nat inside source command: Gateway(config)#ip nat inside source list 1 pool public_access Step 10 Specify the interfaces The active interfaces on the router need to be identified as either inside or outside interfaces with respect to NAT. To do this, use the ip nat inside or ip nat outside command. Gateway(config)#interface fastethernet 0 Gateway(config-if)#ip nat inside Gateway(config-if)#interface serial 0 Gateway(config-if)#ip nat outside Step 11 Configuring Static Mapping a. Workstation #1, 10.10.10.10/24, will be designated as the public WWW server. Thus, it needs a permanent public IP address. This mapping is defined using a static NAT mapping. 3-7 CCNA 4: WAN Technologies v 3.1 - Lab 1.1.4c Copyright 2003, Cisco Systems, Inc.

b. Configure one of the PCs on the LAN with the IP address 10.10.10.10/24 and a default gateway address of 10.10.10.1. To configure a static IP NAT mapping, use the ip nat inside source static command at the privileged EXEC mode prompt: Gateway(config)#ip nat inside source static 10.10.10.10 199.99.9.33 This permanently maps 199.99.9.33 to the inside address 10.10.10.10. c. Look at the translation table: Gateway#show ip nat translations Does the mapping appear in the output of the show command? Step 12 Testing the configuration a. From the 10.10.10.10 workstation, verify it can ping 172.16.1.1 b. Is the ping successful? c. Why? d. From the ISP router, ping the host with the static NAT translation by typing ping 10.10.10.10. e. What were the results of the ping, was it successful? f. Why? g. From the ISP router, ping 199.99.9.33. If successful, look at the NAT translation on the Gateway router, using the command show ip nat translations. h. What is the translation of the inside local host addresses? = = Upon completion of the previous steps, finish the lab by doing the following: Logoff by typing exit Turn the router off Remove and store the cables and adapter 4-7 CCNA 4: WAN Technologies v 3.1 - Lab 1.1.4c Copyright 2003, Cisco Systems, Inc.

Configuration reference sheet This sheet contains the basic configuration commands for the ISP and Gateway routers: ISP Router#configure terminal Router(config)#hostname ISP ISP(config)#enable password cisco ISP(config)#enable secret class ISP(config)#line console 0 ISP(config-line)#password cisco ISP(config-line)#login ISP(config-line)#exit ISP(config)#line vty 0 4 ISP(config-line)#password cisco ISP(config-line)#login ISP(config-line)#exit ISP(config)#interface loopback 0 ISP(config-if)#ip address 172.16.1.1 255.255.255.255 ISP(config-if)#exit ISP(config)#interface serial 0 ISP(config-if)#ip address 200.2.2.17 255.255.255.252 ISP(config-if)#clock rate 64000 ISP(config)#ip route 199.99.9.32 255.255.255.224 200.2.2.18 ISP(config)#end ISP#copy running-config startup-config Gateway Router#configure terminal Router(config)#hostname Gateway Gateway(config)#enable password cisco Gateway(config)#enable secret class Gateway(config)#line console 0 Gateway(config-line)#password cisco Gateway(config-line)#login Gateway(config-line)#exit Gateway(config)#line vty 0 4 Gateway(config-line)#password cisco Gateway(config-line)#login Gateway(config-line)#exit Gateway(config)#interface fastethernet 0 Gateway(config-if)#ip address 10.10.10.1 255.255.255.0 Gateway(config-if)#no shutdown Gateway(config-if)#exit Gateway(config)#interface serial 0 Gateway(config-if)#ip address 200.2.2.18 255.255.255.252 Gateway(config-if)#no shutdown Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17 5-7 CCNA 4: WAN Technologies v 3.1 - Lab 1.1.4c Copyright 2003, Cisco Systems, Inc.

Erasing and reloading the router Enter into the privileged EXEC mode by typing enable. If prompted for a password, enter class (if that does not work, ask the instructor). Router>enable At the privileged EXEC mode, enter the command erase startup-config. Router#erase startup-config Erasing the nvram filesystem will remove all files! Continue? [confirm] Press Enter to confirm. The response should be: Erase of nvram: complete Now at the privileged EXEC mode, enter the command reload. Router#reload System configuration has been modified. Save? [yes/no]: Type n and then press Enter. Proceed with reload? [confirm] Press Enter to confirm. In the first line of the response will be: Reload requested by console. After the router has reloaded the line prompt will be: Would you like to enter the initial configuration dialog? [yes/no]: Type n and then press Enter. Press RETURN to get started! Press Enter. Now the router is ready for the assigned lab to be performed. 6-7 CCNA 4: WAN Technologies v 3.1 - Lab 1.1.4c Copyright 2003, Cisco Systems, Inc.

Router Interface Summary Router Model Ethernet Interface #1 Ethernet Interface #2 Serial Interface #1 Serial Interface #2 800 (806) Ethernet 0 (E0) Ethernet 1 (E1) 1600 Ethernet 0 (E0) Ethernet 1 (E1) Serial 0 (S0) Serial 1 (S1) 1700 FastEthernet 0 (FA0) FastEthernet 1 (FA1) Serial 0 (S0) Serial 1 (S1) 2500 Ethernet 0 (E0) Ethernet 1 (E1) Serial 0 (S0) Serial 1 (S1) 2600 FastEthernet 0/0 (FA0/0) FastEthernet 0/1 (FA0/1) Serial 0/0 (S0/0) Serial 0/1 (S0/1) In order to find out exactly how the router is configured, look at the interfaces. This will identify what type and how many interfaces the router has. There is no way to effectively list all of the combinations of configurations for each router class. What is provided are the identifiers for the possible combinations of interfaces in the device. This interface chart does not include any other type of interface even though a specific router may contain one. An example of this might be an ISDN BRI interface. The string in parenthesis is the legal abbreviation that can be used in an IOS command to represent the interface. 7-7 CCNA 4: WAN Technologies v 3.1 - Lab 1.1.4c Copyright 2003, Cisco Systems, Inc.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback