Day15 NSD Cisco

Tutorial 01: static Nat applications

Tutorial objective: to implement communication between the Intranet and the Internet through static Nat

Lab environment:

Open the Cisco packet tracer software. The experiment topology is as follows:

650) This. length = 650; "src =" http://s3.51cto.com/wyfs02/M00/46/40/wKioL1PwnPzhoXhpAAFd4JTeLeY943.jpg "Title =" 01.jpg" width = "780" Height = "417" border = "0" hspace = "0" vspace = "0" style = "width: 780px; Height: pixel PX; "alt =" wkiol1pwnpzhoxhpaafd4jteley943.jpg "/>

Tutorial steps:

1. Open the Cisco packet tracer software and add two routers, two switches, and four hosts. Use the crossover line and direct line to connect to the host based on the experiment topology, and configure the IP address and gateway for the host.

2. Configure the router port address

1. router1 Global:

Int F0/0

IP address 192.168.100.254 255.255.255.0

No Shutdown

Int F0/1

IP address 61.159.62.129 255.255.255.248

No Shutdown

2. router2 Global:

Int F0/0

IP address 61.159.62.130 255.255.255.255.248

No Shutdown

Int F0/1

IP address 192.168.2.254 255.255.255.0

No Shutdown

3. Configure static NAT (router 1)

1. Configure the interface IP address and route

Global: ip nat inside source static 192.168.100.1 61.159.62.131

Ip nat inside source static 192.168.100.2 61.159.62.132

Ip nat inside source static 192.168.100.3 61.159.62.133

2. Enable nat on internal and external interfaces

Enter the egress configuration: ip nat outside

Entry configuration: ip nat inside

4. Configure the default route

1. router1 Global: IP Route 0.0.0.0 0.0.0.0 F0/1

5. View Nat Translation

Privilege: Show ip nat translations

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/46/3F/wKiom1PwnCTgJghEAACFgSg7Jmg140.jpg "Title =" 02.jpg" alt = "wkiom1pwnctgjgheaacfgsg7jmg140.jpg"/>

Lab Verification:

100.0 the host in the network segment can ping the Internet 192.168.2.1

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/46/40/wKioL1PwnVagqhZDAAEEcNjZz6Q046.jpg "Title =" 03.jpg" alt = "wkiol1pwnvagqhzdaaeecnjzz6q046.jpg"/>

Problem and Experience summary:

When configuring static Nat, do not forget to configure the default route on the vro. In addition, note that the internal IP address cannot be converted to the internal global address used by the port.

Tutorial 02: Dynamic NAT application

Tutorial objective: to implement communication between the Intranet and the Internet through dynamic Nat

Lab environment:

Open the Cisco packet tracer software. The experiment topology is as follows:

650) This. length = 650; "src =" http://s3.51cto.com/wyfs02/M00/46/40/wKioL1PwnPzhoXhpAAFd4JTeLeY943.jpg "Title =" 01.jpg" width = "780" Height = "417" border = "0" hspace = "0" vspace = "0" style = "width: 780px; Height: pixel PX; "alt =" wkiol1pwnpzhoxhpaafd4jteley943.jpg "/>Tutorial steps:

1. Open the Cisco packet tracer software and add two routers, two switches, and four hosts. Use the crossover line and direct line to connect to the host based on the experiment topology, and configure the IP address and gateway for the host.

2. Configure the vro port address and dynamic route (configured in the previous experiment, which is omitted here)

3. Configure dynamic NAT (router 1)

1. Configure the interface IP address and route

Global: Access-List 1 permit 192.168.100.0 0.0.255

Ip nat pool NSD 61.159.62.131 61.159.62.134 netmask 255.255.255.0

Ip nat inside source list 1 pool NSD

2. Enter the egress configuration: ip nat outside

Entry configuration: ip nat inside

4. Configure the default route

1. router1 Global: IP Route 0.0.0.0 0.0.0.0 F0/1

5. View Nat Translation

Privilege: Show ip nat translations

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/46/3F/wKiom1PwnN6hs9CCAAIeGrk_r6A113.jpg "Title =" 06.jpg" alt = "wkiom1pwnn6hs9ccaaiegrk_r6a113.jpg"/>

Lab Verification:

100.0 the host in the network segment can ping the Internet 192.168.2.1

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/46/41/wKioL1PwnhHjTJRQAAEEcNjZz6Q861.jpg "Title =" 07.jpg" alt = "wkiol1pwnhhjtjrqaaeecnjzz6q861.jpg"/>

Problem and Experience summary:

When configuring the default route, you can also write the port ID of the router exit with the next hop IP address, for example, IP Route 0.0.0.0 0.0.0 F0/1.

Experiment 03: Port multiplexing (PAT)

Objective: To achieve communication between the Intranet and the Internet through port multiplexing

Lab environment:

Open the Cisco packet tracer software. The experiment topology is as follows:

650) This. length = 650; "src =" http://s3.51cto.com/wyfs02/M00/46/3F/wKiom1PwnRqyGQ_1AAFd4JTeLeY398.jpg "Title =" 08.jpg" width = "780" Height = "417" border = "0" hspace = "0" vspace = "0" style = "width: 780px; Height: pixel PX; "alt =" wkiom1pwnrqygq_1aafd4jteley398.jpg "/>

Tutorial steps:

1. Open the Cisco packet tracer software and add two routers, two switches, and four hosts. Use the crossover line and direct line to connect to the host based on the experiment topology, and configure the IP address and gateway for the host.

2. Configure the vro port address and dynamic route (configured in the previous experiment, which is omitted here)

3. Configure port multiplexing (router 1)

1. Global: Access-List 1 permit 192.168.1.0 0.0.255

Ip nat inside source list 1 int F0/1 overload

2. Enter the egress configuration: ip nat outside

Entry configuration: ip nat inside

4. Configure the default route

1. router1 (global): IP Route 0.0.0.0 0.0.0.0 F0/1

5. View Nat translation entries

Privilege: Show ip nat translations

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/46/41/wKioL1PwnmiBYAikAAIheAWbrDk514.jpg "Title =" 09.jpg" alt = "wkiol1pwnmibyaikaaiheawbrdk514.jpg"/>

Lab Verification:

100.0 the host in the network segment can ping the Internet 192.168.2.1

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/46/3F/wKiom1PwnWbAC2nUAAEEcNjZz6Q308.jpg "Title =" 10.jpg" alt = "wkiom1pwnwbac2nuaaeecnjzz6q308.jpg"/>

Problem and Experience summary:

Configure port multiplexing. Ip nat inside source list 1 int F0/1 overload, where F0/1 is the egress.

This article is from the "Network Engineering" blog, please be sure to keep this source http://9262969.blog.51cto.com/9252969/1541347