
Network Address Translation III


In this part we are going to configure Dynamic NAT on our gateway router (R2). We will follow the three steps mentioned previously to achieve this:
  • Labeling the interfaces
  • Configuring the ACL for hosts
  • Implementing the NAT from global config mode


So here we go, and you will see it’s not that difficult to implement it practically:

Dynamic NAT Configurations:

Suppose we want to configure Dynamic NAT on R2. For this purpose, we need a pool of global IP addresses that will be dynamically mapped to our local hosts. So we need to buy these addresses from our ISP :) Just assume we bought the following IP pool from our ISP:

171.16.10.52 - 171.16.10.56

We will follow the three steps mentioned above to implement dynamic NAT on our current network topology:

Step 1:
Labeling the interfaces:

interface FastEthernet0/0
 ip address 192.168.1.2 255.255.255.0
 ip nat inside

interface Serial1/0
 ip address 171.16.10.1 255.255.255.0
 ip nat outside

Step 2:
An ACL needs to be created for the local host IPs that we want to translate:

ip access-list standard NAT_IPs
 permit 192.168.3.0 0.0.0.255
 permit 192.168.2.0 0.0.0.255
 permit 192.168.4.0 0.0.0.255

Step 3:
Once the ACL is created, we need to configure our IP pool and dynamic NAT from global configuration mode:

ip nat pool Global_IP_Pool 171.16.10.52 171.16.10.56 netmask 255.255.255.0
ip nat inside source list NAT_IPs pool Global_IP_Pool

Our pool name is: Global_IP_Pool
ACL name is: NAT_IPs
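
As an added example (not part of the original post), this Python check reads the three configuration steps above and verifies that an inside and an outside interface are labeled, that the NAT rule points at an ACL and a pool that exist, and how many addresses the ACL matches compared with how many the pool holds. The function name `audit_dynamic_nat` and the joined `R2_CONFIG` text are assumptions made for this example.

```python
import ipaddress

# Constructed input: the R2 NAT lines from this post joined into one config.
R2_CONFIG = """\
interface FastEthernet0/0
 ip address 192.168.1.2 255.255.255.0
 ip nat inside
interface Serial1/0
 ip address 171.16.10.1 255.255.255.0
 ip nat outside
ip access-list standard NAT_IPs
 permit 192.168.3.0 0.0.0.255
 permit 192.168.2.0 0.0.0.255
 permit 192.168.4.0 0.0.0.255
ip nat pool Global_IP_Pool 171.16.10.52 171.16.10.56 netmask 255.255.255.0
ip nat inside source list NAT_IPs pool Global_IP_Pool
"""

def audit_dynamic_nat(config):
    """Hypothetical helper: return (findings, acl_sizes, pool_sizes)."""
    roles, acls, pools, rules, section = set(), {}, {}, [], []
    for line in config.splitlines():
        words = line.split()
        if not line.startswith(" "):
            section = words  # a top-level command opens a new section
        if section[:1] == ["interface"] and words in (["ip", "nat", "inside"], ["ip", "nat", "outside"]):
            roles.add(words[2])  # interface label from step 1
        elif section[:3] == ["ip", "access-list", "standard"] and len(words) == 3 and words[0] == "permit":
            # a wildcard mask with n set bits matches 2**n addresses
            bits = bin(int(ipaddress.IPv4Address(words[2]))).count("1")
            acls[section[3]] = acls.get(section[3], 0) + 2 ** bits
        elif words[:3] == ["ip", "nat", "pool"] and len(words) >= 6:
            first, last = (int(ipaddress.IPv4Address(w)) for w in words[4:6])
            pools[words[3]] = last - first + 1
        elif words[:5] == ["ip", "nat", "inside", "source", "list"] and words[6:7] == ["pool"] and len(words) >= 8:
            rules.append((words[5], words[7], "overload" in words))
    findings = [f"no 'ip nat {r}' interface" for r in ("inside", "outside") if r not in roles]
    for acl, pool, overload in rules:
        if acl not in acls:
            findings.append(f"rule references undefined ACL {acl}")
        if pool not in pools:
            findings.append(f"rule references undefined pool {pool}")
        # one-to-one dynamic NAT needs one pool address per active host;
        # the sizing check is skipped when the rule uses 'overload'
        if acl in acls and pool in pools and not overload and acls[acl] > pools[pool]:
            findings.append(
                f"ACL {acl} matches {acls[acl]} addresses but pool {pool} holds {pools[pool]}")
    return findings, acls, pools

if __name__ == "__main__":
    print("\n".join(audit_dynamic_nat(R2_CONFIG)[0]))
```

For the configuration in this post the only finding is the sizing one: the three /24 networks in NAT_IPs share the five addresses of Global_IP_Pool, so only five hosts can hold a translation at the same time.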

Some of the other things done on R2 are a static route to the ISP and RIP:

!
! passive-interface below stops RIP advertisements to our emulated ISP
router rip
 passive-interface Serial1/0
 network 171.16.0.0
 network 192.168.1.0
!
ip route 171.16.0.0 255.255.0.0 171.16.10.2
!
!

And we are done with our Dynamic NAT! That was quite easy and simple. Now for some other fun commands. To check the NAT translations going on in the network, we just issue the show ip nat translations command on R2 and see the result:

From R1 we ping our ISP:

R1#ping 171.16.10.2 source 192.168.3.1
We get successful ping results to 171.16.10.2. The source IP was changed on R2 during the process of pinging as we have configured NAT on R2.

Now let’s see what’s happening on R2:












Our ping request originated from the inside local address 192.168.3.1 and has been translated into the inside global address 171.16.10.52. One other interesting command for your geek mind:


I hope that after going through all of the above commands, you will have confidence in yourself and will see how interesting this is to implement. Just remember one thing: if dynamic NAT is used, we can’t access our local hosts from outside the network, as the router will not be sure where it has to route the packets. For this purpose Static NAT is recommended, which we will discuss shortly.

Okay, as an exercise, please practice dynamic NAT with the following requirements:

  • The routing protocol running is EIGRP with AS # 4
  • The IP Pool Name is CORP-IP pool
  • The ACL allows only the 192.168.3.0/24 network to be translated
--to be continued--
