Wednesday, 24/04/2019
News
Home » Kỹ Thuật » Cấu hình NAT trên Packet Tracer

Cấu hình NAT trên Packet Tracer

Cách cấu hình NAT trên Packet Tracer

Bài gốc: How to configure NAT

Configuration of static NAT is very straight forward. In this example we have a web server connected with Router 1. Our web server is using the IP address 10.0.0.2. But due to various reasons discussed in previous article our company want to use 50.0.0.1 IP address for this server. Now our task is to configure NAT on Router 1 which translate 10.0.0.2 [ inside local web server address] to 50.0.0.1 [ inside global ip address ].

To configure static NAT follow this step by step guide

Either download this pre configured topology or create your own topology as shown in this figure

Download File
Static Nat
Configure ip address on PC and Server as given in figure

Now configure R1 exactly given here

Now configure R0 exactly given here

As you have seen in configuration there is not direct route for 10.0.0.2. So PC from network of 30.0.0.0 will never know about it. They will access 50.0.0.1 as the web server IP. To test it double click on any computer and ping from 50.0.0.1 and you will get replay.

Now ping from 10.0.0.2 and you will get destination host unreachable error.

This demonstration show how the companies use NAT to hide their internal network from the outside of the world. Now open web browser from any PC in 30.0.0.0 network and brows the 50.0.0.1 site

Static Nat web responce
As you can see in image you can easily access the 50.0.0.1

I have uploaded a configured and tested topology in case you are unable to locate the problem spot then download this configuration file. And try to find out where have you committed mistake

Download configured Static NAT

Step by Step Configuration of Dynamic NAT

With dynamic NAT, you must manually define two sets of addresses on your address translation device. One set defines which inside addresses are allowed to be translated (the local addresses), and the other defines what these addresses are to be translated to (the global addresses).

For practice either download this pre created topology or create your own on packet tracer.

Download File
daynamic NAT

In this example our internal network is using 192.168.0.0 network. We have five public ip address 50.0.0.1 to 50.0.0.5 to use. Router1(1841 Router0) is going to be NAT device. Double click on Router1(1841 Router0) and configure it as given below

Now double click on R2(1841 Router1) and configure it as given below

For testing of NAT go R1 and enable debug for NAT from privilege mode

Now go on pc and ping to 20.0.0.2

dayanmic NAT

When ICMP ping packet reach to R1. It examines its source address against the access list 1. As this packet is generated form the network of 192.168.0.0 so it will pass the access list. Now router will check NAT pools for free address to translate with this address. Which you can check in the output of debag command in R1

As you can see in output 192.168.0.5 is translate with 50.0.0.1 before leaving the router.

Now check for web access from any client pc

In real life its best practices to turn off debug after testing so go on Router 1 and turn off debug mode.

I have uploaded a configured and tested topology in case you are unable to locate the problem spot then download this configuration file. And try to find out where have you committed mistake

Download configured Dynamic NAT

Step by Step Configuration of PAT

In dynamics Nat translations is made IP to IP. so you need as much global IP address as you have inside local address. That’s an issue if you have few global IP address and hundred of inside local address to translate. In such a situation you need to use PAT.

For demonstration we are going to configure the same topology which we used in dynamic NAT but this time we are using only one global IP address 50.0.0.1

Download this Pre created topology
daynamic NAT

IP address of PC are already configured double click on R1 and configured it as given here

Now configure to R2 as given below

Now configure to R2 as given below

Now go on pc and ping to 20.0.0.2
dayanmic NAT

To verify PAT go on R1 and run show ip nat translations

As you can see this time address translation is done with port address instead of IP

I have uploaded a configured and tested topology in case you are unable to locate the problem spot then download this configuration file. And try to find out where have you committed mistake

Download configured PAT

1 Star2 Stars3 Stars4 Stars5 Stars6 Stars7 Stars8 Stars9 Stars10 Stars (1 votes, average: 10.00 out of 10)
Loading...

Leave a Reply

Your email address will not be published. Required fields are marked *

*

:cuoi: :hix: :hihihi: :kiss: :sexy: :dotay: :ngacnhien: :oh: :love: more »