Day15 NSD Cisco

Source: Internet
Author: User

Tutorial 01: static Nat applications

Tutorial objective: to implement communication between the Intranet and the Internet through static Nat

Lab environment:

Open the Cisco packet tracer software. The experiment topology is as follows:

650) This. length = 650; "src =" http://s3.51cto.com/wyfs02/M00/46/40/wKioL1PwnPzhoXhpAAFd4JTeLeY943.jpg "Title =" 01.jpg" width = "780" Height = "417" border = "0" hspace = "0" vspace = "0" style = "width: 780px; Height: pixel PX; "alt =" wkiol1pwnpzhoxhpaafd4jteley943.jpg "/>

Tutorial steps:

1. Open the Cisco packet tracer software and add two routers, two switches, and four hosts. Use the crossover line and direct line to connect to the host based on the experiment topology, and configure the IP address and gateway for the host.

2. Configure the router port address

1. router1 Global:

Int F0/0

IP address 192.168.100.254 255.255.255.0

No Shutdown

Int F0/1

IP address 61.159.62.129 255.255.255.248

No Shutdown

2. router2 Global:

Int F0/0

IP address 61.159.62.130 255.255.255.255.248

No Shutdown

Int F0/1

IP address 192.168.2.254 255.255.255.0

No Shutdown

3. Configure static NAT (router 1)

1. Configure the interface IP address and route

Global: ip nat inside source static 192.168.100.1 61.159.62.131

Ip nat inside source static 192.168.100.2 61.159.62.132

Ip nat inside source static 192.168.100.3 61.159.62.133

2. Enable nat on internal and external interfaces

Enter the egress configuration: ip nat outside

Entry configuration: ip nat inside

4. Configure the default route

1. router1 Global: IP Route 0.0.0.0 0.0.0.0 F0/1

5. View Nat Translation

Privilege: Show ip nat translations

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/46/3F/wKiom1PwnCTgJghEAACFgSg7Jmg140.jpg "Title =" 02.jpg" alt = "wkiom1pwnctgjgheaacfgsg7jmg140.jpg"/>

Lab Verification:

100.0 the host in the network segment can ping the Internet 192.168.2.1

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/46/40/wKioL1PwnVagqhZDAAEEcNjZz6Q046.jpg "Title =" 03.jpg" alt = "wkiol1pwnvagqhzdaaeecnjzz6q046.jpg"/>

Problem and Experience summary:

When configuring static Nat, do not forget to configure the default route on the vro. In addition, note that the internal IP address cannot be converted to the internal global address used by the port.


Tutorial 02: Dynamic NAT application

Tutorial objective: to implement communication between the Intranet and the Internet through dynamic Nat

Lab environment:

Open the Cisco packet tracer software. The experiment topology is as follows:

650) This. length = 650; "src =" http://s3.51cto.com/wyfs02/M00/46/40/wKioL1PwnPzhoXhpAAFd4JTeLeY943.jpg "Title =" 01.jpg" width = "780" Height = "417" border = "0" hspace = "0" vspace = "0" style = "width: 780px; Height: pixel PX; "alt =" wkiol1pwnpzhoxhpaafd4jteley943.jpg "/>Tutorial steps:

1. Open the Cisco packet tracer software and add two routers, two switches, and four hosts. Use the crossover line and direct line to connect to the host based on the experiment topology, and configure the IP address and gateway for the host.

2. Configure the vro port address and dynamic route (configured in the previous experiment, which is omitted here)

3. Configure dynamic NAT (router 1)

1. Configure the interface IP address and route

Global: Access-List 1 permit 192.168.100.0 0.0.255

Ip nat pool NSD 61.159.62.131 61.159.62.134 netmask 255.255.255.0

Ip nat inside source list 1 pool NSD

2. Enter the egress configuration: ip nat outside

Entry configuration: ip nat inside

4. Configure the default route

1. router1 Global: IP Route 0.0.0.0 0.0.0.0 F0/1

5. View Nat Translation

Privilege: Show ip nat translations

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/46/3F/wKiom1PwnN6hs9CCAAIeGrk_r6A113.jpg "Title =" 06.jpg" alt = "wkiom1pwnn6hs9ccaaiegrk_r6a113.jpg"/>

Lab Verification:

100.0 the host in the network segment can ping the Internet 192.168.2.1

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/46/41/wKioL1PwnhHjTJRQAAEEcNjZz6Q861.jpg "Title =" 07.jpg" alt = "wkiol1pwnhhjtjrqaaeecnjzz6q861.jpg"/>

Problem and Experience summary:

When configuring the default route, you can also write the port ID of the router exit with the next hop IP address, for example, IP Route 0.0.0.0 0.0.0 F0/1.


Experiment 03: Port multiplexing (PAT)

Objective: To achieve communication between the Intranet and the Internet through port multiplexing

Lab environment:

Open the Cisco packet tracer software. The experiment topology is as follows:

650) This. length = 650; "src =" http://s3.51cto.com/wyfs02/M00/46/3F/wKiom1PwnRqyGQ_1AAFd4JTeLeY398.jpg "Title =" 08.jpg" width = "780" Height = "417" border = "0" hspace = "0" vspace = "0" style = "width: 780px; Height: pixel PX; "alt =" wkiom1pwnrqygq_1aafd4jteley398.jpg "/>

Tutorial steps:

1. Open the Cisco packet tracer software and add two routers, two switches, and four hosts. Use the crossover line and direct line to connect to the host based on the experiment topology, and configure the IP address and gateway for the host.

2. Configure the vro port address and dynamic route (configured in the previous experiment, which is omitted here)

3. Configure port multiplexing (router 1)

1. Global: Access-List 1 permit 192.168.1.0 0.0.255

Ip nat inside source list 1 int F0/1 overload

2. Enter the egress configuration: ip nat outside

Entry configuration: ip nat inside

4. Configure the default route

1. router1 (global): IP Route 0.0.0.0 0.0.0.0 F0/1

5. View Nat translation entries

Privilege: Show ip nat translations

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/46/41/wKioL1PwnmiBYAikAAIheAWbrDk514.jpg "Title =" 09.jpg" alt = "wkiol1pwnmibyaikaaiheawbrdk514.jpg"/>

Lab Verification:

100.0 the host in the network segment can ping the Internet 192.168.2.1

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/46/3F/wKiom1PwnWbAC2nUAAEEcNjZz6Q308.jpg "Title =" 10.jpg" alt = "wkiom1pwnwbac2nuaaeecnjzz6q308.jpg"/>

Problem and Experience summary:

Configure port multiplexing. Ip nat inside source list 1 int F0/1 overload, where F0/1 is the egress.

This article is from the "Network Engineering" blog, please be sure to keep this source http://9262969.blog.51cto.com/9252969/1541347

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.