Objectifspédagogiques : À l'issue de cette formation Cisco, les participants seront en mesure de : Installer, configurer et maintenir un routeur ou un commutateur Cisco. Mettre en œuvre un routage statique ou dynamique. Interconnecter des réseaux LAN via une solution WAN. Filtrer le trafic quel que soit le modèle de routeur Cisco. Static NAT Network Address Translation - Static NAT Network Address Translation is one-to-one mapping of a private IP address to a public IP address. Static NAT Network Address Translation is useful when a network device inside a private network needs to be accessible from internet. Dynamic NAT Network Address Translation - Dynamic NAT can be defined as mapping of a private IP address to a public IP address from a group of public IP addresses called as NAT pool. Dynamic NAT establishes a one-to-one mapping between a private IP address to a public IP address. Here the public IP address is taken from the pool of IP addresses configured on the end NAT router. The public to private mapping may vary based on the available public IP address in NAT pool. PAT Port Address Translation - Port Address Translation PAT is another type of dynamic NAT which can map multiple private IP addresses to a single public IP address by using a technology known as Port Address Translation. Here when a client from inside network communicate to a host in the internet, the router changes the source port TCP or UDP number with another port number. These port mappings are kept in a table. When the router receive from internet, it will refer the table which keep the port mappings and forward the data packet to the original sender. Theway to configure static NAT in Cisco IOS router consists of two steps that will be explained using example scenario with given topology as below: 1. Define the inside and outside interface. Defining the inside and outside interface correctly is the key to make NAT mapping works. Simply go to the interface configuration mode and then use

PAT Port Address Translation uses port numbers to convert private IP addresses to global IP to Configure NAT PAT on Cisco RouterPAT is the most commonly used method according to Static NAT and Dynamic NAT configuration. It is often used by home users or small businesses. ADSL Modems access the Internet with a single ISP IP address. PAT is applied when all computers over the local network access the Internet with a single global IP is also called NAT Overload. When a computer on the local network or remote network sends a packet to the destination computer, the port number is added to the IP default, PAT is enabled on the ADSL modem device used by home enable PAT with Packet Tracer, follow the steps below. Step 1First open the Cisco simulator program and create a topology as in the image below, then assign IP addresses to the devices and add comments to the workspace. Step 2Configure the TCP/IP settings of PC0 and PC1 as follows. Step 3To enable PAT at the Cisco Routers CLI command prompt, perform the following commands in conf t Routerconfig interface gigabitethernet 0/0 Routerconfig-if ip address Routerconfig-if ip nat inside Routerconfig-if no shutdown Routerconfig-if exit Routerconfig interface gigabitethernet 0/1 Routerconfig-if ip address Routerconfig-if ip nat outside Routerconfig-if no shutdown Routerconfig-if exit Routerconfig access-list 1 permit Routerconfig ip nat inside source list 1 interface gigabitethernet0/1 overload Routerconfig end Router wr Step 4After configuring PAT, test the network connection by pinging the IP address from the computers on the local computers on the local network have successfully connected to the Cisco Router R1 as in the following image. Step 5Click Router0 and execute the show IP nat translations command in privileged configuration mode and examine the NAT CommandsRouter0show ip nat translations Pro Inside global Inside local Outside local Outside global icmp icmp icmp icmp icmp icmp icmp Router0show ip nat statistics Total translations 0 0 static, 0 dynamic, 0 extended Outside Interfaces GigabitEthernet0/1 Inside Interfaces GigabitEthernet0/0 Hits 7 Misses 8 Expired translations 8 Dynamic mappings Router0show running-config Building configuration... Current configuration 772 bytes ! version no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname Router ! ip cef no ipv6 cef ! license udi pid CISCO1941/K9 sn FTX1524V4OL ! spanning-tree mode pvst ! interface GigabitEthernet0/0 ip address ip nat inside duplex auto speed auto ! interface GigabitEthernet0/1 ip address ip nat outside duplex auto speed auto ! interface Vlan1 no ip address shutdown ! ip nat inside source list 1 interface GigabitEthernet0/1 overload ip classless ! ip flow-export version 9 ! ! access-list 1 permit ! ! line con 0 ! line aux 0 ! line vty 0 4 login ! ! end Router Router1show running-config Building configuration... Current configuration 617 bytes ! version no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname Router ! ! ip cef no ipv6 cef ! ! license udi pid CISCO1941/K9 sn FTX15247004 ! ! spanning-tree mode pvst ! ! interface GigabitEthernet0/0 ip address duplex auto speed auto ! interface GigabitEthernet0/1 no ip address duplex auto speed auto shutdown ! interface Vlan1 no ip address shutdown ! ip classless ! ip flow-export version 9 ! ! line con 0 ! line aux 0 ! line vty 0 4 login ! ! end Router VideoYou can watch the video below to configure Port Address Translation on the Cisco router and also subscribe to our YouTube channel to support us! Final WordIn this article, we have examined how to configure NAT PAT with simulator software. The PAT process is the most widely used method and uses more than 64,000 port numbers, and it is unlikely that router addresses will be exhausted. Thanks for following us! Related Articles♦ Static NAT ♦ Dynamic NAT ♦ VLAN Settings ♦ VLAN Routing ♦ Port Security

Withdynamic NAT, you need to specify two sets of addresses on your Cisco router: the inside addresses that will be translated. a pool of global addresses. To configure dynamic NAT, the following steps are required: 1. configure the router’s inside interface using the ip nat inside command. 2. configure the router’s outside interface using
Explore all categories to find your favorite topicPage 1 – NAT et PAT Page 2 Sommaire 1Introduction 2Terminologie 3NAT statique 4NAT dynamique 5Le PAT 6Configuration 7Vérification Page 3 1 Introduction Le NAT…Scaling IP Addresses NATPAT CCNA 4 Rick Graziani [email protected] 2 Note to instructors • If you have downloaded this presentation from the Cisco Networking Academy…7/16/2019 Practicas Nat Pat Dhcp Complementarias 1/62333 - 500 CCNA 4 Tecnologas WAN v Prctica de laboratorio Copyright 2003, Cisco Systems, de laboratorio…1. ICND 2002, Cisco Systems, Inc. All rights reserved. 1 Scaling the network with nat and Pat 2. ICND 2002, Cisco Systems, Inc. All rights reserved.…Chapter 1 Course IntroductionICND ICND * NAT and PAT Purpose This chapter introduces the Cisco IOS™ CLI on the Catalyst 1900 switch8162019 22 - NAT et PAT 1 122 – NAT et PAT 8162019 22 - NAT et PAT 1 222 Sommaire 1 Introduction2 Terminologie 3 NAT statique 4 NAT dynamique 5 Le PAT 6 on!iguration…NAT / PAT L f ld öff tli h N tLernfeld öffentliche Netze Thomas Koch & Marco Reinel 1 Agendag Wofür steht NAT / PAT Erklärung NAT Erklärung PATErklärung…1 Modul 8 NAT, PAT dan DHCP Network Address Translation NAT yaitu suatu protokol yang berfungsi untuk memetakan public IP address dengan private IP address yang dipergunakan…ACT 10 NAT con Sobrecarga PAT Al igual que las anteriores actividades 8-9 la 10 también se dividía en dos partes la A y la B pero a diferencia esta se trataba de…Chapter 1 Course Introduction* NAT and PAT Purpose This chapter introduces the Cisco IOS™ CLI on the Catalyst 1900 switch and router. Timing This chapter should© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 1 Chapter 9 NAT for IPv4 Routing and Switching Essentials Presentation_ID 2© 2008…Guía de NAT + FW Utilización de Linux Nivel Avanzado Objetivos - Aprender a utilizar el comando iptables como modificador de paquetes en ambientes Linux - Conocer las…Guía de NAT + FW Utilización de Linux Nivel Avanzado Objetivos - Aprender a utilizar el comando iptables como modificador de paquetes en ambientes Linux - Conocer las…1. Por Paulo Colomés 2. 2Por Paulo Colomés - Redes - - 2010 NAT = Network Address Translation Traducción de Direcciones…CONFIGURACIÓN DEL CONMUTADOR ETHERNET 2950, NAT Y PAT Las redes de área local modernas se basan en la interconexión de con- mutadores Ethernet multicapaJourney to IPv6 A Real-World deployment for Mobiles ISP Workshops Telstra UnrestrictedLast updated 1st March 2017 Acknowledgements p We would like to acknowledge Jeff Schmidt…SEGURIDAD EN LAS REDES CORPORATIVAS MEDIANTE NETWORK ADDRESS TRANSLATION NAT Y PORT ADDRESS TRANSLATION PAT SEGURIDAD EN LAS REDES CORPORATIVAS MEDIANTE NETWORK ADDRESS…IT-Symposium 2004 © 2004 Hewlett-Packard Development Company, The information contained herein is subject to change without notice Einführung in NAT…Telstra Unrestricted Copyright Telstra© Journey to IPv6 A Real-World deployment for Mobiles APRICOT 2017 – February 2017 Jeff Schmidt- Technology Team Manager, Telstra…Slide 1 © 2003, Cisco Systems, Inc. All rights reserved. ICND © 2003, Cisco Systems, Inc. All rights reserved. 1 Scaling the Network with NAT and PAT Slide 2…

OSPFv3Cisco Configuration. OSPFv3 is the IPv6 cabaple version of OSPF. The previous version of OSPF was OSPFv2. OSPFv2 is for IPv4. Here, we will configure OSPFv3 for the below topology. As you can see, there are three areas and six routers in this topology. For OSPFv3 Configuration, we will follow the below steps one by one: 1. Enabling Global IPv6 Routing 2.

What are NAT and PAT? explained with the configuration of NAT with PAT in Cisco packet tracer. We will also enable PAT as it immensely increases the capability of NAT. NAT Network Address Translation is used to translate the private IP address to a public IP address and vice versa. Most organizations have a limited amount of public IPs as the companies have to pay for them. So, we generally use a private IP range in the internal networks. However, if the internal network wants to communicate with the public network, it is not possible since the private IP address can’t recognize the public IP address. Hence, it can’t communicate. To overcome this issue, we use NAT. As the traffic goes out of the internal network, all this internal traffic is assigned a public IP address. This is how communication becomes possible with public networks, such as the internet. Within an organization, a large number of devices access the public network. So even though the public IP addresses are not expensive but it is just not feasible to do one-to-one translation with the public IPs. Besides, organizations would have to buy a large range of public IP addresses for their network. To solve this problem, Nat is often is used with Pat Port Address Translation. While translating the IP address of the internal network traffic, a port number is assigned to the traffic to distinguish the traffic originating from different systems in the network. This allows multiple systems to access the public network with the use of just one public IP. So, in this lab, we will configure Nat with Pat. First of all, we have to label the interfaces of the router with Nat Inside and Nat Outside. This would let us know the interfaces that are handling the traffic from internal as well as the public network. After that, we have to create an access list to allow a range of IP addresses that need to be translated to public IP with the help of NAT. And finally, we will enter a command that will take the IP addresses from the access list to be translated into public IP before communicating with the public network. Using overload’ at the end of the command will enable PAT, and the router will be able to perform port address translation as well. NAT overload configuration in packet tracer DOWNLOAD Lab Tasks 1. label the interfaces 2. create a access list to allow network to be translated 3. Enable NAT with PAT Lab Configuration Task 1 Routerconfiginterface fastethernet 0/0 Routerconfigip nat inside Routerconfiginterface fastethernet 0/1 Routerconfigip nat outside Task 2 Routerconfigaccess-list 1 permit Task 3 Routerconfigip nat inside source list 1 interface fastethernet 0/1 overload Exolab: Découverte NAT-RIP via Packet Tracer. Intitulé long. Activité Packet-Tracer de découverte et de mise en pratique : - Du NAT dynamique et statique - Du routage dynamique avec le protocole RIP, en version 2. Maquette à compléter par étape (au départ, équipements paramétrés au niveau des interfaces uniquement) You are here Home / Cisco Routers / Configuring NAT on Cisco Routers Step-by-Step PAT, Static NAT, Port Redirection The depletion of the public IPv4 address space has forced the internet community to think about alternative ways of addressing networked hosts. Network Address Translation NAT therefore was introduced to overcome these addressing problems that occurred with the rapid expansion of the Internet. Even if NAT was suggested as a temporary solution, it has been adopted by all network hardware manufacturers, and it is considered a very useful technology, not only for IP address conservation, but also for many other purposes including security. Basically NAT allows a single network device a router, firewall etc to act as an agent between a private local area network and a public network such as the Internet. The purpose of this NAT device is to translate the source IP addresses of the internal network hosts into public routable IP addresses in order to communicate with the Internet. Some of the advantages of using NAT in IP networks are the following NAT helps to mitigate the depletion of the global public IP address space Networks can now use the RFC 1918 private address space internally and still have a way to access the Internet using NAT. NAT increases security by hiding the internal network topology and addressing scheme. Cisco IOS routers support different types of NAT as will be explained below. NAT has many forms and can work in several ways, but in this post I will explain the most important types of NAT. For the next 2 scenarios we will be using the following simple network 1. Overloading or Port Address Translation PAT This is the most frequently used form of NAT in IP networks. It uses the concept of “many-to-one” translation where multiple connections from different internal hosts are “multiplexed” into a single registered public IP address using different source port numbers. This type of NAT allows a maximum of 65,536 internal connections to be translated into a single public IP. This type of NAT is very useful in situations where our ISP has assigned us only a single public IP address, as shown on the diagram below. All IP addresses of the LAN network will be translated using the public IP of the router interface FastEthernet0/0 ip address ip nat outside ! interface FastEthernet0/1 ip address ip nat inside ! access-list 1 permit ip nat inside source list 1 interface FastEthernet0/0 overload 2. Static Port Address Translation Port Redirection Assume now that we have only one public IP address which is the one configured on the outside interface of our border router. We want traffic hitting our router’s public IP on port 80 to be redirected to our internal Web Server at IP interface FastEthernet0/0 ip address ip nat outside ! interface FastEthernet0/1 ip address ip nat inside ! ip nat inside source static tcp 80 80 3. Configuring Static NAT NAT can be performed both statically and dynamically. Static NAT simply maps one private IP address to a single public IP address, and this is the flavor of NAT we are discussing in this section. A Cisco router performing NAT divides its universe into the inside and the outside. Typically the inside is a private enterprise, and the outside is the public Internet. In addition to the notion of inside and outside, a Cisco NAT router classifies addresses as either local or global. A local address is an address that is seen by devices on the inside, and a global address is an address that is seen by devices on the outside. Given these four terms, an address may be one of four types Inside local addresses are assigned to inside devices. These addresses are not advertised to the outside. Inside global are addresses by which inside devices are known to the outside. Outside local are addresses by which outside devices are known to the inside. Outside global addresses are assigned to outside devices. These addresses are not advertised to the inside. Let’s jump right into static NAT configuration on a Cisco router as shown in the Figure below R1 is the router performing Network Address Translation NAT and has two interfaces Fa0/0 on the inside and Fa0/1 on the outside. The specific IP addresses involved are NAT Address Type IP Address Inside local Inside global Outside local Outside global Table 1 NAT Addresses for Figure Above You probably know very well how to configure IP addresses on router interfaces, so we skip those configuration steps and move straight to the interesting stuff. First, we have to assign Fa0/0 as NAT inside interface and Fa0/1 as NAT outside interface on R1. This would tell the router that interesting traffic entering or exiting these two interfaces will be subject to address translation. R1conf term Enter configuration commands, one per line. End with CNTL/Z. R1configinterface Fa0/0 R1config-ifip nat inside R1config-ifinterface Fa0/1 R1config-ifip nat outside R1config-ifend Now we would tell the router how to perform address translation and mention which IP addresses source or destination to re-write in packets moving between the inside and outside interfaces. Here we go R1configip nat inside source static Here, we are telling the router to perform NAT on packets coming into the router on the inside interface Fa0/0. More specifically the router would identify which of these packets have a source IP address of and would change it to before forwarding the packet out the outside interface Fa0/1. Similarly, return packets coming in at outside interface Fa0/1 would undergo translation of destination IP address. Let’s now verify if NAT is actually working as it is supposed to work. There are a couple of very useful Cisco IOS commands that can be used to do just that. Command show ip nat statistics displays the number of static and dynamic NAT translations, inside and outside interfaces, and the number of hits and misses. R1show ip nat statistics Total active translations 1 1 static, 0 dynamic; 0 extended Outside interfaces FastEthernet0/1 Inside interfaces FastEthernet0/0 Hits 0 Misses 0 CEF Translated packets 0, CEF Punted packets 0 Expired translations 0 Dynamic mappings Appl doors 0 Normal doors 0 Queued Packets 0 Command show ip nat translations displays the IP addresses for NAT translations. R1show ip nat translations Pro Inside global Inside local Outside local Outside global — — — As you see in the above output, we have one NAT entry configured with Inside global address and Inside local address specified. Outside local and Outside global addresses are blank because our NAT configuration does not change those addresses. Let’s now go to the PC and ping the Server before running the command show ip nat translations again to see if it makes any difference. R1show ip nat statistics Total active translations 2 1 static, 1 dynamic; 1 extended Outside interfaces FastEthernet0/1 Inside interfaces FastEthernet0/0 Hits 10 Misses 0 CEF Translated packets 10, CEF Punted packets 0 Expired translations 0 Dynamic mappings Appl doors 0 Normal doors 0 Queued Packets 0 R1show ip nat translations Pro Inside global Inside local Outside local Outside global icmp — — — As you can see in the above output, NAT is active as manifested by the appearance of an additional dynamic entry for ICMP protocol and some additional hits, corresponding to our ping attempt from PC to Server. We just configured and verified a simple NAT scenario translating only the source or destination not both at the same time IP addresses of packets moving between inside and outside interfaces. This sort of NAT configuration is called static NAT as a single inside local IP address is statically mapped to a single outside local IP address. Another important feature of NAT is static Port Address Translation PAT. Static PAT is designed to allow one-to-one mapping between local and global addresses. A common use of static PAT is to allow Internet users from the public network to access a Web server located in the private network. Let’s assume we intend to host a Web server on the inside on the same PC, that has an IP address The following configuration line would allow us to do just that R1configip nat inside source static tcp 80 80 This configuration line performs the static address translation for the Web server. With this configuration line, users that try to reach port 80 www are automatically redirected to port 80 www. In our case, is the IP address of the PC which is also the Web server. This configuration can be verified using the same two NAT verification commands show ip nat translations and show ip nat statistics. Notice that the address with port number 80 HTTP translates to port 80, and vice versa. Therefore, Internet users can browse the Web server even though the Web server is on a private network with a private IP address. Related Posts Comparison of Static vs Dynamic Routing in TCP/IP Networks Cisco OSPF DR-BDR Election in Broadcast Networks – Configuration Example How to Configure Port Forwarding on Cisco Router With Examples Adjusting MSS and MTU on Cisco 800 routers for PPPoE over DSL The Most Important Cisco Show Commands You Must Know Cheat Sheet

ConfigurationGuide: STP Extension in Cisco NX-OS; Static NAT Overview. Static NAT is a one-to-one mapping between an inside local address and an inside global address, without any port numbers being translated. In other words, each private IP address used on the internal devices will get translated into a public IP address when they need to send packets to

These blocks of addresses can be used by multiple organizations for their private networks but they are not routable on the Internet. For hosts with these addresses that need to access the Internet a device must be deployed at the edge of the network that performs address translation to unique public addresses. Network Address Translation NAT is used to translate Private IP addresses from the reserved private address space defined in RFC 1918 to Public IPv4 addresses which are routable on the Internet. NAT is usually implemented on a router that sits at the edge connecting a private network on side and the public network Internet on the other side. There are various types of NAT but in this lesson we will focus on the following three types of NAT. Static NAT is used to translate a private IP address to a Public IP address on a one-to-one basis. Static NAT creates a fixed translation of a private IP address or a subnet to a Public IP address or subnet. The translation is persistent and the Public IP address is same for each consecutive connection. Dynamic NAT is used translate group of private IP addresses to a pool of Public IP addresses. Dynamic NAT also establishes one-to-one mapping between private and public IP address but the translation will be temporary and after the connectivity is not required the translation will be removed and the public IP address will be returned to the pool and which can then be used to translate any other private host. Port Address Translation is used to translate multiple private IP addresses to a single public IP address. To keep each translation unique a private IP address and source port is translated to Public IP address and mapped port. Table below list various NAT terminologies NAT Terminologies Network Address Translation NAT Mapping an IP address to another IP address either statically or dynamically Port Address Translation PAT Mapping multiple IP address to a single IP address. To differentiate between connections source port is also changed. Also known as NAT overload Inside Local IP address assigned to the host on the private network Inside Global The IP address of a private host as it appears to the public network. Outside Local IP address of a public host as it appears to the private network Outside Global IP address assigned to a host on the public network by the host owner Nat Configuration We will use the network in the figure below to demonstrate the configuration of Static, Dynamic NAT and PAT. We will configure the Cisco Router to perform Static NAT on the IP address owned by Web Server and Dynamic NAT to translate the IP addresses of three hosts to dynamically to a pool of addresses. Routerconfiginterface fastethernet 0/0 Routerconfig-ifip address Routerconfig-ifip nat inside Routerconfiginterface fastethernet 0/1 Routerconfig-ifip address Routerconfig-ifip nat outside Routerconfigip nat inside source static — The command above configures static NAT for private IP address to public IP address — Routerconfigaccess-list 101 permit ip any Routerconfigaccess-list 101 permit ip any Routerconfigaccess-list 101 permit ip any Routerconfigip nat pool DYN_NAT_POOL prefix-length 24 Routerconfigip nat inside source list 101 pool DYN_NAT_POOL — The commands above configure Dynamic NAT for a group three hosts which are assigned public IP addresses from a pool of three public IP addesses — We can also configure Port Address Translation for the three hosts such that all three of them will be overloaded to a single IP address. To configure PAT use the following command Routerconfigip nat inside source list 101 interface fastethernet 0/1 overload Today we covered Network Address Translation and configuration, NAT is a very important lesson and students must have thorough conceptual and practical knowledge of NAT as almost all enterprise networks connected to the Internet use NAT.
kciV1. 397 104 195 419 6 147 302 148 377

configuration nat et pat cisco pdf