Pages

Monday, October 3, 2011

NAT Static

I wont talk about what NATing does in this article. However, I will show you some basic configuration of NAT to clarify everyone understanding.


Configuration example



Configuration

R2
interface FastEthernet0/0
 ip address 192.168.1.2 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.2.1 255.255.255.0
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
router ospf 1
 log-adjacency-changes
 network 192.168.1.2 0.0.0.0 area 0
 network 192.168.2.1 0.0.0.0 area 0
!
ip http server
no ip http secure-server
!
ip route 2.2.2.0 255.255.255.0 192.168.2.2
// from inside to outside : route before translate
!
ip nat inside source static 1.1.1.1 172.16.1.1
ip nat outside source static 3.3.3.3 2.2.2.2
!

Providing route for R1 and R3 to pass the traffic through R2 to translate

R1
ip route 2.2.2.2 255.255.255.255 192.168.1.2

R2
ip route 172.16.1.0 255.255.255.0 192.168.2.1


Verify Configuration

R1#ping 2.2.2.2 source 1.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/66/176 ms
R1#

R3#ping 172.16.1.1 source 3.3.3.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
Packet sent with a source address of 3.3.3.3
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/71/144 ms
R3#


R2#show ip nat translations
Pro Inside global      Inside local       Outside local      Outside global
--- ---                ---                2.2.2.2            3.3.3.3
icmp 172.16.1.1:2      1.1.1.1:2          2.2.2.2:2          3.3.3.3:2
icmp 172.16.1.1:8      1.1.1.1:8          2.2.2.2:8          3.3.3.3:8
--- 172.16.1.1         1.1.1.1            ---                ---
R2#

R2 debug ip nat

Mar  1 00:32:18.007: NAT*: s=3.3.3.3->2.2.2.2, d=172.16.1.1 [41]
*Mar  1 00:32:18.007: NAT*: s=2.2.2.2, d=172.16.1.1->1.1.1.1 [41]
*Mar  1 00:32:18.035: NAT*: s=1.1.1.1->172.16.1.1, d=2.2.2.2 [42]
*Mar  1 00:32:18.035: NAT*: s=172.16.1.1, d=2.2.2.2->3.3.3.3 [42]
*Mar  1 00:32:18.051: NAT*: s=3.3.3.3->2.2.2.2, d=172.16.1.1 [42]
*Mar  1 00:32:18.051: NAT*: s=2.2.2.2, d=172.16.1.1->1.1.1.1 [42]
*Mar  1 00:32:18.063: NAT*: s=1.1.1.1->172.16.1.1, d=2.2.2.2 [43]
*Mar  1 00:32:18.063: NAT*: s=172.16.1.1, d=2.2.2.2->3.3.3.3 [43]


Posted by BBru at 4:54 PM
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)