Port Address Translation (overload)
Syntax to implement NAT on Router
Syntax:
Router(config)#interface <type> <no>
Router(config-if)#ip NAT inside
This command need to be given on interface where LAN (Private) Network is present
Router(config-if)#ip NAT outside
This command need to be given on interface where WAN (Public) Network is present
Syntax for configuring PAT is as Follows :
Syntax:
Router(config)#ip nat inside source list <ACL-NO> <Pubiic IP / interface <type> <No> > [overload]
Configuration of PAT:
Mumbai#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Mumbai(config)#
Mumbai(config)#interface serial 0/0/1
Mumbai(config-if)#ip address 201.1.0.15 255.255.255.248
Mumbai(config-if)#no shut
%LINK-5-CHANGED: Interface Serial0/0/1, changed state to up
Mumbai(config-if)#encapsulation ppp
Mumbai(config-if)#ip nat outside
Mumbai(config-if)#exit
Mumbai(config)#interface fastEthernet 0/0
Mumbai(config-if)#ip nat inside
Mumbai(config-if)#exit
Mumbai(config)#
Mumbai(config)#access-list 10 permit 192.168.2.0 0.0.0.255
Mumbai(config)#ip nat inside source list 10 interface serial 0/0/1 overload
Mumbai(config)#end
Mumbai#
Verify the output using following commands
To verify the output:
Output:
Mumbai#show ip nat translation
Output:
ROUTER#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
tcp 201.1.0.15:4965 192.168.2.10:4965 82.204.219.231:21 82.204.219.23!1:21
tcp 201.1.0.15:4973 192.168.2.10:4973 64.12.171.246:25 64.12.171.246:25
tcp 201.1.0.15:4974 192.168.2.10:4974 82.204.219.231:21 82.204.219.231:21
tcp 201.1.0.15:53955 192.168.2.10:53955 64.4.52.182:80 64.4.52.182:80
tcp 201.1.0.15:53958 192.168.2.10:53958 207.46.208.105:80 207.46.208.105:80
tcp 201.1.0.15:53961 192.168.2.10:53961 207.46.208.105:80 207.46.208.105:80
To enable Debug on NAT:
Enter configuration commands, one per line. End with CNTL/Z.
Mumbai(config)#
Mumbai(config)#interface serial 0/0/1
Mumbai(config-if)#ip address 201.1.0.15 255.255.255.248
Mumbai(config-if)#no shut
%LINK-5-CHANGED: Interface Serial0/0/1, changed state to up
Mumbai(config-if)#encapsulation ppp
Mumbai(config-if)#ip nat outside
Mumbai(config-if)#exit
Mumbai(config)#interface fastEthernet 0/0
Mumbai(config-if)#ip nat inside
Mumbai(config-if)#exit
Mumbai(config)#
Mumbai(config)#access-list 10 permit 192.168.2.0 0.0.0.255
Mumbai(config)#ip nat inside source list 10 interface serial 0/0/1 overload
Mumbai(config)#end
Mumbai#
Show command:
Mumbai#sh ip nat translation
Mumbai#debug ip nat
Verify the output using following commands:
OUTPUT:
Mumbai#sh ip nat translations
Verify the output using following commands
To verify the output:
Output:
Mumbai#show ip nat translation
Output:
ROUTER#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
tcp 201.1.0.15:4965 192.168.2.10:4965 82.204.219.231:21 82.204.219.23!1:21
tcp 201.1.0.15:4973 192.168.2.10:4973 64.12.171.246:25 64.12.171.246:25
tcp 201.1.0.15:4974 192.168.2.10:4974 82.204.219.231:21 82.204.219.231:21
tcp 201.1.0.15:53955 192.168.2.10:53955 64.4.52.182:80 64.4.52.182:80
tcp 201.1.0.15:53958 192.168.2.10:53958 207.46.208.105:80 207.46.208.105:80
tcp 201.1.0.15:53961 192.168.2.10:53961 207.46.208.105:80 207.46.208.105:80
To enable Debug on NAT:
Router#debug ip nat
IP NAT debugging is on
Mumbai#debug ip nat
IP NAT debugging is on
No comments:
Post a Comment