Here,we are going to see how to configure static NAT using packet tracer.
Step 1:Create topology like this,
Step 2:Configure router and host with ip address like i have given in a topology.
In Router R1,global config mode
R1(config)#interface fastethernet 0/0
R1(config-if)#ip address 10.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface fastethernet 1/0
R1(config-if)#ip address 20.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#exit
In Router R2,global config mode
R2(config)#interface fastethernet 1/0
R2(config-if)#ip address 20.0.0.2 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface fastethernet 0/0
R2(config-if)#ip address 30.0.0.1 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#exit
Step 3:Register a domain www.cisco.com with public ip address(20.0.0.1) that we bought from internet service provider.To do that click on server->Config->DNS
Name should be 'www.cisco.com'
Address should be '20.0.0.1' .Then click on add and save.
Step 4:Configure host 30.0.0.10 that is in public network with ip address ,default gateway,dns server ip address.To do this,
Click on PC->Desktop->Ip Configuration
Ip Address ->30.0.0.10
Subnet Mask ->255.0.0.0
Default Gateway ->30.0.0.1
DNS Server ->20.0.0.1
Here,DNS server is present in our local area network,just give our public ip 20.0.0.1 NAT will do translation that packets comes to 20.0.0.1 to 10.0.0.10.
Step 5:Choose the interface for inside and outside,Here interface fastethernet 0/0 as 'Inside' and interface fastethernet1/0 as 'Ouside' .Configure this two interface with this command,
In Router R1,global config mode
R1(config)#interface fastethernet 0/0
R1(config-if)#ip nat inside
R1(config-if)#exit
R1(config)#interfac fastethernet 1/0
R1(config-if)#ip nat outside
R1(config-if)#exit
Step 6:Configure Static NAT in Router R1 to translate 10.0.0.10(Private) as 20.0.0.1(Public).When host replies for the request NAT will undo the translation.
In Router R1,global config mode
R1(config)#ip nat inside source static 10.0.0.10 20.0.0.1
Step 7:Configure a Static default route to Router R1 to forward packets to 20.0.0.2 (next hop address) for the packets to any network.
In Router R1,global config mode
R1(config)#ip route 0.0.0.0 0.0.0.0 20.0.0.2
Step 8:Now give this command to see translation process when host request server.
In privileged mode,
R1#debug ip nat
You will get this 'IP NAT debugging is on'.This is to see the translation process when host 30.0.0.10 request 20.0.0.1 for web page.
Step 9:Now, Click on host 30.0.0.10->Desktop->web Browser.Now give 'www.cisco.com' in address bar and Press Enter.Now we get a web page from server(10.0.0.10).Because,the ISP routers knows where the public ip addresses were present.And go to router R1 to see Translation process.
Process when we request a web page in web browser,
Host request DNS server asking for the ip address for the domain www.cisco.com
Host gets a ip address for that domain from DNS.Now host knows the ip for that domain. It will request a service that present 20.0.0.1:80.When request reached 20.0.0.1 router will translate to 10.0.0.10 .For the reply router will undo the translation,
Translation process in router R1,
R1#
NAT: s=30.0.0.10, d=20.0.0.1->10.0.0.10 [11]
NAT*: s=10.0.0.10->20.0.0.1, d=30.0.0.10 [7]
NAT: s=30.0.0.10, d=20.0.0.1->10.0.0.10 [12]
NAT*: s=10.0.0.10->20.0.0.1, d=30.0.0.10 [8]
NAT*: s=30.0.0.10, d=20.0.0.1->10.0.0.10 [13]
NAT*: s=30.0.0.10, d=20.0.0.1->10.0.0.10 [14]
NAT*: s=10.0.0.10->20.0.0.1, d=30.0.0.10 [9]
NAT*: s=30.0.0.10, d=20.0.0.1->10.0.0.10 [15]
NAT*: s=10.0.0.10->20.0.0.1, d=30.0.0.10 [10]
NAT*: s=30.0.0.10, d=20.0.0.1->10.0.0.10 [16]
Trouble shooting commands,
R1#show ip nat translations
Pro Inside global Inside local Outside local Outside global
--- 20.0.0.1 10.0.0.10 --- ---
tcp 20.0.0.1:80 10.0.0.10:80 30.0.0.10:1025 30.0.0.10:1025
tcp 20.0.0.1:80 10.0.0.10:80 30.0.0.10:1026 30.0.0.10:1026
R1#show ip nat statistics
Total translations: 3 (1 static, 2 dynamic, 2 extended)
Outside Interfaces: FastEthernet1/0
Inside Interfaces: FastEthernet0/0
Hits: 18 Misses: 5
Expired translations: 3
Dynamic mappings:
R1#Clear ip nat translation *
Step 1:Create topology like this,
Step 2:Configure router and host with ip address like i have given in a topology.
In Router R1,global config mode
R1(config)#interface fastethernet 0/0
R1(config-if)#ip address 10.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface fastethernet 1/0
R1(config-if)#ip address 20.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#exit
In Router R2,global config mode
R2(config)#interface fastethernet 1/0
R2(config-if)#ip address 20.0.0.2 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface fastethernet 0/0
R2(config-if)#ip address 30.0.0.1 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#exit
Step 3:Register a domain www.cisco.com with public ip address(20.0.0.1) that we bought from internet service provider.To do that click on server->Config->DNS
Name should be 'www.cisco.com'
Address should be '20.0.0.1' .Then click on add and save.
Step 4:Configure host 30.0.0.10 that is in public network with ip address ,default gateway,dns server ip address.To do this,
Click on PC->Desktop->Ip Configuration
Ip Address ->30.0.0.10
Subnet Mask ->255.0.0.0
Default Gateway ->30.0.0.1
DNS Server ->20.0.0.1
Here,DNS server is present in our local area network,just give our public ip 20.0.0.1 NAT will do translation that packets comes to 20.0.0.1 to 10.0.0.10.
Step 5:Choose the interface for inside and outside,Here interface fastethernet 0/0 as 'Inside' and interface fastethernet1/0 as 'Ouside' .Configure this two interface with this command,
In Router R1,global config mode
R1(config)#interface fastethernet 0/0
R1(config-if)#ip nat inside
R1(config-if)#exit
R1(config)#interfac fastethernet 1/0
R1(config-if)#ip nat outside
R1(config-if)#exit
Step 6:Configure Static NAT in Router R1 to translate 10.0.0.10(Private) as 20.0.0.1(Public).When host replies for the request NAT will undo the translation.
In Router R1,global config mode
R1(config)#ip nat inside source static 10.0.0.10 20.0.0.1
Step 7:Configure a Static default route to Router R1 to forward packets to 20.0.0.2 (next hop address) for the packets to any network.
In Router R1,global config mode
R1(config)#ip route 0.0.0.0 0.0.0.0 20.0.0.2
Step 8:Now give this command to see translation process when host request server.
In privileged mode,
R1#debug ip nat
You will get this 'IP NAT debugging is on'.This is to see the translation process when host 30.0.0.10 request 20.0.0.1 for web page.
Step 9:Now, Click on host 30.0.0.10->Desktop->web Browser.Now give 'www.cisco.com' in address bar and Press Enter.Now we get a web page from server(10.0.0.10).Because,the ISP routers knows where the public ip addresses were present.And go to router R1 to see Translation process.
Process when we request a web page in web browser,
Host request DNS server asking for the ip address for the domain www.cisco.com
Host gets a ip address for that domain from DNS.Now host knows the ip for that domain. It will request a service that present 20.0.0.1:80.When request reached 20.0.0.1 router will translate to 10.0.0.10 .For the reply router will undo the translation,
Translation process in router R1,
R1#
NAT: s=30.0.0.10, d=20.0.0.1->10.0.0.10 [11]
NAT*: s=10.0.0.10->20.0.0.1, d=30.0.0.10 [7]
NAT: s=30.0.0.10, d=20.0.0.1->10.0.0.10 [12]
NAT*: s=10.0.0.10->20.0.0.1, d=30.0.0.10 [8]
NAT*: s=30.0.0.10, d=20.0.0.1->10.0.0.10 [13]
NAT*: s=30.0.0.10, d=20.0.0.1->10.0.0.10 [14]
NAT*: s=10.0.0.10->20.0.0.1, d=30.0.0.10 [9]
NAT*: s=30.0.0.10, d=20.0.0.1->10.0.0.10 [15]
NAT*: s=10.0.0.10->20.0.0.1, d=30.0.0.10 [10]
NAT*: s=30.0.0.10, d=20.0.0.1->10.0.0.10 [16]
Trouble shooting commands,
R1#show ip nat translations
Pro Inside global Inside local Outside local Outside global
--- 20.0.0.1 10.0.0.10 --- ---
tcp 20.0.0.1:80 10.0.0.10:80 30.0.0.10:1025 30.0.0.10:1025
tcp 20.0.0.1:80 10.0.0.10:80 30.0.0.10:1026 30.0.0.10:1026
R1#show ip nat statistics
Total translations: 3 (1 static, 2 dynamic, 2 extended)
Outside Interfaces: FastEthernet1/0
Inside Interfaces: FastEthernet0/0
Hits: 18 Misses: 5
Expired translations: 3
Dynamic mappings:
R1#Clear ip nat translation *
Excellent
ReplyDeleteThe clients of Gmail do need to return over and over to their mailbox to erase the undesirable mail. junk mail senders
ReplyDelete