Sunday, February 13, 2022

All about NAT/PAT/DYNAMIC Translations

NAT CONFIGURATION

 


 

R3=> enabling the router as a WEB server.

# ip http server 

10.10.10.10

Open up a web browser and can log to web http://20.0.0.248 to load the webpage.

All have connectivity. An example can ping from 10 networks to 20 networks.

 

STATIC NAT >>

Here we use the COMPANY router.


 

 

Reference to the COMPANY ROUTER

# int f0/0

# ip nat inside

 

# int s0/0

# ip nat outside

 

Now applying the NAT

# ip nat inside source static 20.0.0.248 209.165.100.30

(here we use the 248 as the local WEB SERVER IP and it will match to the public IP .31)

TEST from the web


 

 

Let's try with port 80

INSTEAD, we can use the port like this to web

R2(config)#ip nat inside source static tcp 10.0.0.248 80 209.165.100.30 80


 

This is port address translation

 

Now let's see NAT overload translation aka PAT - here local PC IP addresses are translated!!!!

R2(config)#access-list 10 permit 20.0.0.0 0.0.0.255

R2(config)#ip nat inside source list 10 interface g1/0 overload

PING from PC2 to PC1

Okay!!!!!


 

 

Change the PC2 IP into .101



 

NICE!!!! the NAT translation working and it is awesome!!!!

 

But the PC1 side still has PRIVATE IP which is 10 network. Let's make it to PUBLIC!!!!

 

TO do that when the traffic is coming from the R2,, the NAT has to be happening at the R1….

 

DYNAMIC NAT POOl --->

 

R1(config)#int g1/0

R1(config-if)#ip nat outside

R1(config-if)#exit

 

R1(config)#int f0/0

R1(config-if)#ip nat inside

 

R1(config)#access-list 1 permit 10.10.10.0 0.0.0.255

 

 

ip nat pool MYPOOL 209.165.100.25 209.165.100.28 netmask 255.255.255.240

ip nat inside source list 1 pool MYPOOL overload

 

Check IP subnetting > https://www.adminsub.net/ipv4-subnet-calculator/209.165.100.30/28 to create the IP POOL

 

Now try to go web 209.165.100.30 from local PC


 

 

See NAT translation is happening really well..

 

 

ALL GOOD!!!!

 

Summary!!!!!!

 

 

 

 

 

 

Should be configured the interface as it is inside or outside

Let's Consider R2 router

# int g1/0

# ip nat outside

 

# int f0/0

# ip nat inside

 

STATIC 1to1 # ip nat inside source static 20.0.0.248 209.165.100.30

PORT ADD # ip nat inside source static tcp 20.0.0.248 80 209.165.100.30 80

Translation

1to1

PAT # access-list   10   permit   20.0.0.0   0.0.0.255

# ip nat inside source list 10 int g1/0 overload

# show ip nat translation

 

 

Dynamic # access-list   10   permit  10.10.10.0   0.0.0.255

# ip nat pool MYPOOL 209.165.100.25 209.165.100.28 network 255.255.255.248

# ip nat inside source list 10 pool MYP overload

 

 

# ip nat inside source static 20.0.0.248 209.165.100.30 (STATIC)

# ip nat inside source static tcp 20.0.0.248 80 209.165.100.30 80 (PORT)

 

# ip nat inside source list 10 interface g1/0 overload (PAT)

 

# ip nat pool MYPOOL 209.165.100.25 209.165.100.28 netmask 255.255.255.24

# ip nat inside source list 10 pool MYPOOL overload (DYNAMIC)

 

# access-list 10 permit 20.0.0.0 0.0.0.255

 

ALL DONE!!! NAT!!! CHEERS!!!!


Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)