Packet Tracer 4.0 Skill Building Activity: Lab 1.1.4a Configuring NAT

advertisement
Packet Tracer 4.0 Skill Building Activity: Lab 1.1.4a Configuring NAT Solution
Objective
Use Packet Tracer to practice the following skills:

Completing router configuration.

Configure a router to use network address translation (NAT) to convert internal IP addresses
into outside public IP addresses.
Scenario
An ISP has allocated a company the public classless interdomain routing (CIDR) IP address
199.99.9.32/30. This is equivalent to 2 public IP addresses. Since the company has an internal
requirement for more than 2 addresses, the IT manager has decided to implement NAT with
overload. Routing will be done between the ISP and the gateway router used by the company. A
static route will be used between the ISP and gateway routers and a default route will be used
between the gateway router and the ISP. The ISP connection to the Internet will be represented by a
loopback address on the ISP router.
.
Required Files
To complete this lab, the following files will be needed:

Configuring NAT.pka

Configuring NAT LabHandout.doc
Activity:
Step 1
Open the PT activity file, Configuring NAT.pka.
Using the CLI, configure the routers with the following IP addresses:
1-3
Packet Tracer 4.0 Activity
Copyright  2006, Cisco Systems, Inc.
(Set the clock rate to 56000 on the appropriate interfaces.)
ISP Serial 0/0 200.2.2.17 /30
ISP(config)#interface Serial 0/0
ISP(config-if)#ip address 200.2.2.17 255.255.255.252
ISP(config-if)#clock rate 56000
ISP(config-if)#no shutdown
Gateway Serial 0/0 200.2.2.18 /30
Gateway(config)#interface Serial 0/0
Gateway(config-if)#ip address 200.2.2.18 255.255.255.252
Gateway(config-if)#no shutdown
Gateway FastEthernet 0/0 10.10.10.1 /24
Gateway(config)#interface FastEthernet 0/0
Gateway(config-if)#ip address 10.10.10.1 255.255.255.0
Gateway(config-if)#no shutdown
Configure the hosts as follows:
PC0 10.10.10.2 /24
IP address 10.10.10.2, Subnet Mask 255.255.255.0, Default Gateway 10.10.10.1
PC1 10.10.10.3 /24
IP address 10.10.10.3, Subnet Mask 255.255.255.0, Default Gateway 10.10.10.1
Step 2
Create a static route from the ISP to the Gateway router. Addresses in the 199.99.9.32/30 space
have been allocated for Internet access. Use the ip route command to create the static route.
ISP(config)#ip route 199.99.9.32 255.255.255.252 200.2.2.18
Step 3
Create a default route from the Gateway router to the ISP router. This will forward any unknown
destination address traffic to the ISP by setting a Gateway of Last Resort on the Gateway router.
Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17
Try to reach all addresses using ping from one of the hosts. The host will not be able to successfully
ping the ISP Serial interface. Why does this ping fail? The echo-request from the PC will reach the
ISP. The source address for the echo-request will be 10.10.10.x because the NAT configuration has
not occurred. However, the ISP has no routing table entry for the 10.0.0.0 network; therefore the ISP
will not send an echo-reply.
Step 4
On the Gateway router define the pool of public addresses, use the ip nat pool command, name
it "public-access" and assign the useable addresses for the pool 199.99.9.32 /30.
2-3
Packet Tracer 4.0 Activity
Copyright  2006, Cisco Systems, Inc.
Gateway(config)#ip nat pool public-access 199.99.9.33 199.99.9.34 netmask
255.255.255.252
Step 5
Define a standard access list (use "1" as the ACL number) that will define the hosts needing address
translation.
Gateway(config)#access-list 1 permit 10.10.10.0 0.0.0.255
Step 6
Define the NAT translation from inside list to outside pool (overload the interface).
Gateway(config)#ip nat inside source list 1 pool public-access overload
Step 7
Specify the NAT interfaces on the Gateway router.
Gateway(config)#interface serial0/0
Gateway(config-if)#ip nat outside
Gateway(config-if)#interface fastethernet 0/0
Gateway(config-if)#ip nat inside
Step 8
Test the configuration. The hosts should now be able to successfully ping all the interfaces on each
router.
3-3
Packet Tracer 4.0 Activity
Copyright  2006, Cisco Systems, Inc.
Download