Basic Configuration of NAT in Cisco routers
In the basic configuration of NAT, all internal network computers will share the same IP address for the public interface. Cisco routers allow the NAT settings in a way quite simple.
In this example, the cisco router performs rewriting of the public IP address to all devices that are both internal networks (LAN1 and LAN2). When devices connect to computers on the Internet, they do appear with the IP address 172.16.10.1
The following command tells the router that will translate any address that matches the access control list 90. The router performs the translation of all devices with the address of the interface f0/0, or rather by the network interface connected to the public network.
The overload keyword is not necessary to write because the router automatically configures the option.
The configuration or operation of NAT is confusing to some users because they usually relate to functions of a firewall.
General Configuration of NAT (Access Control List) -------------------------------------------- Router#configure terminal Router(config)#access-list 90 permit 192.168.1.0 0.0.0.255 Router(config)#access-list 90 permit 192.168.2.0 0.0.0.255 Router(config)#ip nat inside source list 90 interface Ethernet0/0 overload Configuring the Interface F1/0 (LAN 1) -------------------------------------------- Router(config)#interface FastEthernet1/0 Router(config-if)#ip address 192.168.1.1 255.255.255.0 Router(config-if)#ip nat inside Router(config-if)#exit Configuring the Interface F1/0 (LAN 2) -------------------------------------------- Router(config)#interface FastEthernet1/1 Router(config-if)#ip address 192.168.2.1 255.255.255.0 Router(config-if)#ip nat inside Router(config-if)#exit Configuring the Interface F0/0 (Internet) -------------------------------------------- Router(config)#interface FastEthernet0/0 Router(config-if)#ip address 172.16.10.1 255.255.255.252 Router(config-if)#ip nat outside Router(config-if)#end Router#
In this example, the cisco router performs rewriting of the public IP address to all devices that are both internal networks (LAN1 and LAN2). When devices connect to computers on the Internet, they do appear with the IP address 172.16.10.1
The following command tells the router that will translate any address that matches the access control list 90. The router performs the translation of all devices with the address of the interface f0/0, or rather by the network interface connected to the public network.
Router(config)#ip nat inside source list 90 interface F0/0 overload
The overload keyword is not necessary to write because the router automatically configures the option.
The configuration or operation of NAT is confusing to some users because they usually relate to functions of a firewall.
0 Comments:
Post a Comment