Premium Essay

Nat Configuration

In: Computers and Technology

Submitted By frusher
Words 3234
Pages 13
Configuring Network Address Translation: Getting Started
Document ID: 13772

Contents
Introduction Prerequisites Requirements Components Used Conventions Quick Start Steps for Configuring and Deploying NAT Defining NAT Inside and Outside Interfaces Example: Allowing Internal Users to Access the Internet Configuring NAT to Allow Internal Users to Access the Internet Configuring NAT to Allow Internal Users to Access the Internet Using Overloading Example: Allowing the Internet to Access Internal Devices Configuring NAT to Allow the Internet to Access Internal Devices Example: Redirecting TCP Traffic to Another TCP Port or Address Configuring NAT to Redirect TCP Traffic to Another TCP Port or Address Example: Using NAT During a Network Transition Configuring NAT for Use During a Network Transition Example: Using NAT in Overlapping Networks Difference between One−to−One Mapping and Many−to−Many Verifying NAT Operation Conclusion Related Information

Introduction
This document explains configuring Network Address Translation (NAT) on a Cisco router for use in common network scenarios. The target audience of this document is first time NAT users. Note: In this document, when the internet, or an internet device is referred to, it means a device on any external network.

Prerequisites
Requirements
This document requires a basic knowledge of the terms used in connection with NAT. Some of the definitions can be found in NAT: Local and Global Definitions.

Components Used
The information in this document is based on these software and hardware versions: • Cisco 2500 Series Routers • Cisco IOS® Software Release 12.2 (10b)

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact…...

Similar Documents

Premium Essay

Ios Commands

... |IOS# show clock | | | | | | | |IOS# clock set hh:mm:ss Month Year | |11.04: Basic IOS Configuration|Accessing Configuration Mode |IOS# configure terminal | | | |IOS(config)# end | | | |IOS# | | |Device Identification |IOS(config)# hostname Name | | | |Name(config)# no hostname | | | |IOS(config)# | | |Line Configuration |IOS(config)# line line_type Line_# | | |(Changing the Inactivity Timeout) |IOS(config-line)# exec-timeout minutes seconds | | | |IOS(config-line)# no exec-timeout | | ...

Words: 2715 - Pages: 11

Premium Essay

Asdf

...address classes * CIDR * IP Subnet Zero * Subnetting * VLSM * Summarization 4. Router interface * Router components * Modes * Configuration register * Keyboard shortcuts 5. IOS management * Boot up sequence * Configuration saves and loads * SSH * resolving hostnames 6. dynamic routing * ip address support xxi. classful xxii. classless * types of routing protocols xxiii. distance vector * Split Horizon * Infinite Metric (Poison Reverse) xxiv. link state xxv. hybrid routing (EIGRP) * Routing protocols (show commands) xxvi. Directly Connected: 0 xxvii. Static Route 1 xxviii. RIP xxix. IGRP xxx. EIGRP xxxi. OSPF * Route table basics 7. EIGRP and OSPF ---EIGRP--- * Features * DUAL diffusion update algorithm * EIGRP terminology xxxii. Builds 3 tables * Neighbor table * Topology table * Routing table * EIGRP show commands * EIGRP topology table --OSPF-- * Overview * Adjacencies * OSPF concepts * Configuration * Ospf commands * OSPF neighbors * Router ID * Troubleshooting OSPF not forming adjacency 8. Spanning-Tree Protocol * Basics * Uses......

Words: 458 - Pages: 2

Premium Essay

Lkt2 Task 2 - Router Config Guide

...Configuration Guide ACTIONTEC MI424-WR Rev. D Firmware v4.0.16.1.56.0.10.14.4 Contents Overview of MI424-WR 3 Minimum System Requirements 3 Network Address Translation (NAT) 4 What is NAT? 4 How Does NAT Work? 4 NAT Configuration for MI424-WR 5 1. Log into router 5 2. Configure NAT 5 Packet Filtering for MI424-WR 6 What is Packet Filtering 6 Overview of MI424-WR The Actiontec MI424-WR Wireless Router is a multifunctional network device in a single box. It not only has a basic routing feature set that includes VPN, NAT, and DHCP services, it also includes some advanced features such as QoS. The MI424-WR is also a 4-port Fast Ethernet switch providing full duplex speeds of up to 100Mbits. In addition to its wired connections, it also serves as a wireless access point using wireless B and G protocols, including basic and advanced encryption methods such as WEP and WPA2. Finally, the MI424-WR additionally provides other enterprise-level security services. There is a fully customizable firewall with Intrusion Detection, DoS protection, DMZ Hosting, and Stateful Packet Inspection. With this multitude of features, the MI424-WR has been designed to be the central point of any SOHO network. Minimum System Requirements * Broadband Internet service via a RJ-45 or Coax Connection * (Any DSL modem, Cable modem or Network that uses Ethernet or Coax) * Windows 98SE, Me, 2000, XP, Vista, 7, Mac OS 9+, OS 10+, Linux, Unix * PC with an......

Words: 1982 - Pages: 8

Premium Essay

It535 Unit 1 Project

...535 Kaplan University May 13, 2014 Unit One Project Network address Translation (NAT) is a technology that can be used by network administrators to configure IP addresses of network communication. NAT permits a network device like a router to act as an agent between public and private networks. NAT provides the capability for enterprises and home users to use a single IP address to represent a group of computers on a public domain. The translation part of NAT between private and public addresses, allows a node or a group of nodes already setup with internal addresses to be stamped with an outside address, therefore permitting them to communicate over the Internet. Moreover, NAT helps in managing the private and public portion of the network because it can isolate the internal and exterior address spaces. This address isolation makes devices in a private network independent of the IP address hosts in the public network. There should be a distinction between NAT solution and firewall solution. The confusion comes from the fact that a large number of software packages do both function within the same device which is labelled a NAT box (Balchunas, 2013). NAT is a solution that allows the connection several nodes by using a single public IP address that is often confused with a firewall solution, which is intended to implement the security procedures of the organization. The scheme of NAT is centred on the point that only a few dedicated nods in the interior network are......

Words: 2865 - Pages: 12

Premium Essay

My Paper

...changed and all the priorities are equal, the router with the highest router ID will become the DR and the router with the second-highest will become the BDR. 5. What are the two steps involved when configuring OSPF authentication? Configuration of authentication keys on each OSPF interface. Configuration of area authentication. Lab 9.1 1.Does static NAT conserve IP addresses? Why or why not? Static NAT is a mapping of one inside IP address to one outside IP address. It does not conserve IP address space. 2. Does PAT conserve IP addresses? Why or why not? PAT allows multiple internal, private IP addresses to use a single external registered address. 3. Why do dynamic NAT and PAT require configuration of an access list? The standard access control list is used to define what internal traffic will be translated. 4. What is the purpose of the address pool in dynamic NAT? A pool that has been carved out of an allocated address block that assigns inside global addresses on a first come first serve basis to inside local host based on a match found in a specified access control list. 5. Give three reasons for using NAT. 1- it conserves public IP addresses. 2- Networks can make use of the private IP address ranges and NAT to either a single external public IP or a smaller pool of public IP addresses. 3- It also hides your internal IP addressing scheme from the outside world, greatly enhancing network security....

Words: 356 - Pages: 2

Premium Essay

Load Balance

...Service (VIP) Requirements............................................................................................................. 8 Clustered Pair Configuration for HA............................................................................................................. 8 Load Balancer Deployment Methods................................................................................................................ 9 Layer 4......................................................................................................................................................... 9 Direct Server Return (DR Mode)............................................................................................................. 9 Network Address Translation (NAT Mode)............................................................................................ 10 Layer 7 SNAT Mode................................................................................................................................... 11 Our Recommendation................................................................................................................................ 12 Helping you Choose............................................................................................................................. 12 Exchange 2013 Configuration for Load Balancing.......................................................................................... 14 External Access Domain.....................

Words: 8763 - Pages: 36

Premium Essay

Configuring a Wrt54G for Secure Use

...Router for Home Office Use Table of Contents Purpose 3 Network Address Translation (NAT) 4 Description 4 Instructions 4 Packet Filtering 6 Description 6 Instructions 6 Default Gateway 8 Description 8 Instructions 8 References 9 Purpose The purpose of this document is to instruct you in setting up the Linksys WRT54G for use on a home network. Using this document you should be able to configure (or walk a customer through configuring) the following on their home router: 1) Network Address Translation (NAT) 2) Packet Filtering 3) Default Gateway Functionality Network Address Translation (NAT) Description Network Address Translation (or NAT) is a function built in to the router/firewall device that allows multiple systems or devices to use one public IP address. The “translation” happens at the router where outbound traffic from internal (LAN) IP addresses is sent out as if it originated from the public (WAN) IP address that was assigned by the Internet Service Provider. This capability is enabled by default on your router. The following instructions will help you ensure everything is configured correctly for NAT to function. Instructions Log In 1) Using a web browser, visit the router configuration web page for your device. The default for this particular router would be http://192.168.1.1 2) Log in to the router configuration page using your user name and password. If these are not known, you may have to reset the......

Words: 822 - Pages: 4

Premium Essay

Router Instructions

...Cisco E4200 Router Configuration Network Address Translation Network Address Translation (NAT) is used to convert internal IP addresses into public IP addresses. This allows multiple devices on our customer’s networks to access the internet through one of public IP addresses provided by their internet service provider. The following steps will walk you through configuring the Cisco E4200 Router to perform NAT from the web browser based utility page. 1. Click the Advance Routing link in the Setup menu. 2. Click the Enabled radio button on the NAT line to activate NAT and click the Save Settings button at the bottom of the page. Packet Filtering Configuring our client’s router to conduct packet filtering will add an additional layer of security for their network. Advanced packet filtering is conducted by creating rules that either allow or reject incoming traffic based on protocol type and port number. The Cisco E4200 comes with pre-configured rules that conduct very general packet inspection. The following steps will outline how to configure the Cisco E4200 Router to perform packet filtering from the web browser based utility page. 1. Click the Security link from the menu. 2. Click the Enabled radio buttons for IPv4 and IPv6 SPI Firewall Protection. Default Gateway Installing a router for our customers will make it their Default Gateway to their ISP. A default Gateway is used to route internet traffic to and from the hosts on the......

Words: 332 - Pages: 2

Premium Essay

Mr. Chan

...Internet to playing games and running small home based business. Many of the Linksys SOHO, or small office/home office, routers offer an inexpensive way to add a powerful router/firewall to a small home or office network. Router- A device that forwards data packets along networks. Firewall- Software-based or hardware-based and is used to help keep a network secure SOHO- Small office/Home office. Almost all of the Linksys WRT54G are dual antenna 4 port wireless residential/small business router. From my configuration experience with routers, they all have a 16-32 MB or RAM and 2-8 MB FLASH memory that can be used for editing the firmware or upgrading the ROM to enable more updated features. All Linksys, netgear and D-link routers inter-operate with both 802.11b and 802.11g network protocols, and they are capable of 128 bit WEP, WPA, WPA2 encryption, MAC address filtering, IP address filtering and Internet services control. It allows web browser based configuration, and supports data throughput of up to54Mbps. Almost all time depending on Internet service provider. Security is very important when configuring home based routers. You don’t want to leave your home network venerable to unauthorized users. At all cost you have to protect your resources, assets and your network bandwidth. When you are setting up a wireless access point at your home, you will need to protect it with strong passwords, MAC address filtering, and only allow access to trusted people.......

Words: 1248 - Pages: 5

Free Essay

Cisco Ccnp Security Training

...the virtual private network (VPN) technologies supported on the Cisco Adaptive Security Appliance (ASA). This book covers ASA VPN technologies by using the latest available release of Cisco ASA, which is 8.4(3), the latest version of Adaptive Security Device Manager (ASDM), which is 6.4(7), and the latest versions of Cisco AnyConnect Secure Mobility Client (3.0.x) and Cisco Secure Desktop (3.6.x). This is important to consider because ASA suffered major changes from a command-line interface (CLI) and functionality perspective starting with Version 8.3.x and AnyConnect starting with Version 3.0.x. This chapter reviews the basic functionalities of the ASA, examines how these might interact with VPN technologies, and covers some common configuration concepts generally applicable to all VPN scenarios. Evaluating Cisco ASA Software Architecture Overview Cisco ASA was designed as a product to combine Cisco PIX firewalls and Cisco VPN concentrator functions and to add extra security functions built in to the proprietary operating system or through the addition of separate modules, such as Intrusion Prevention and Content Security. The hardware architectures were also engineered with performance, reliability, and scalability in mind. Cisco ASA and PIX run the same proprietary Finesse operating system until software Version 7.x. Starting with Version 8.x, the operating system code used on ASA differs and is based on the Linux kernel. © 2012 Pearson Education, Inc. All rights......

Words: 52748 - Pages: 211

Free Essay

Is3220 Week 7

...resources on the corporate network due to firewall rules on the collocated VPN server/firewall device to which they are connected. The solution is to configure the firewall to allow the VPN clients access to the appropriate network resources. 3. Users can't connect to VPN server from behind NAT devices most firewalls and NAT routers support the PPTP VPN protocol from behind a NAT. However, some high profile network equipment vendors don't include a NAT editor for the PPTP VPN protocol. If the user is located behind such a device, the VPN connection will fail for PPTP attempts but may work for alternate VPN protocols. All NAT devices and firewalls support IPSecpassthrough for IPSec-based VPN protocols. These VPN protocols include proprietary implementations of IPSec tunnel mode and RFC compliant L2TP/IPSec. These VPN protocols can support NAT traversal by encapsulating the IPSec communications in a UDP header. If your VPN client and server support NAT traversal and the client attempts to use L2TP/IPSec to connect to a NAT-T compliant VPN server from across a NAT, the most likely reason for this failure is that the client is running Windows XP Service Pack 2. Service Pack 2 "broke" NAT traversal for L2TP/IPSec VPN clients. You can solve this problem with a Registry entry on the VPN client computer. 4. Users complain of slow performance Slow performance is one of the most difficult problems to troubleshoot. There are a number of reasons for why VPN clients......

Words: 1569 - Pages: 7

Free Essay

Ip Version 6 Addressing Architecture

...IP version 6 As you study this section, answer the following questions: * What is the primary reason for developing IPv6? * How many hexadecimal numbers are in an IPv6 address? How does this compare to a MAC address? * What do you add to an IPv6 address when you remove one or more quartets with all 0's? * What information is included within the IPv6 address prefix? * How many numbers are used for the interface ID? How can the interface ID be related to the MAC address? * What is the difference between ISATAP and 6-to-4 tunneling? * What is the difference between tunneling and NAT-PT? This section covers the following exam objectives: * 1.3 Identify the following address formats * IPv6 IPv6 Facts The current IP addressing standard, version 4, will eventually run out of unique addresses, so a new system is being developed. It is named IP version 6 or IPv6. The IPv6 address is a 128-bit binary number. A sample IPv6 IP address looks like: 35BC:FA77:4898:DAFC:200C:FBBC:A007:8973. The following list describes the features of an IPv6 address: * The address is made up of 32 hexadecimal numbers, organized into 8 quartets. * The quartets are separated by colons. * Each quartet is represented as a hexadecimal number between 0 and FFFF. Each quartet represents 16-bits of data (FFFF = 1111 1111 1111 1111). * Leading zeros can be omitted in each section. For example, the quartet 0284 could also be represented by 284.......

Words: 979 - Pages: 4

Premium Essay

Task 2

...WRT54G/DD-WRT to perform NAT 2. Enable packet filter on Linksys WRT54G/DD-WRT 3. Setup the default gateway to share internet and network services among hosts Enabling NAT 1. After powering on the Linksys WRT45G connect the data cable from computer or laptop to Ethernet port 1 on the back of the Linksys. 2. Open a web browser and enter IP Address 192.168.1.1 into the address bar. The browser will open the DD-WRT browser interface at the System Information Page. 3. Click on the Setup tab in the upper left corner of the page. 4. You will be prompted for a username and password. The default username and password is root & admin. 5. From the setup page you will configure the WAN connection (the connection to the ISP). In almost all cases ISPs use DHCP to configure the connection. In the rare case that the ISP use a Static IP you will need to know the IP Address, Subnet Mask, Default Gateway and DNS servers all this info should be provided by the ISP. 6. Once the WAN connection is configured. You will now configure DHCP so the hosts on the client’s network can connect to the Internet through the SOHO router. 7. For DHCP Type choose DHCP server. 8. Select the Enable radio button. 9. Choose the starting IP address. Leave it at the default 100 unless the client has a unique IP scheme. 10. Set the maximum number for hosts that can receive an IP address through the DHCP server. 11. Save your configuration and......

Words: 594 - Pages: 3

Free Essay

Tutorial Mikrotik

...Panduan Penggunaan Mikrotik dengan 2(dua) Koneksi Menggunakan Mikrotik membuat 2(dua) koneksi jaringan yang berbeda (VPN IP dan Internet) dan terintegrasi dengan Jaringan Lokal menggunakan service DHCP ( Dynamic Host Configuration Protocol ). Topologi Jaringan di Kantah : LAN/JARINGAN LOKAL Modem Internet/ Speedy 192.168.1.1/24 Cloud Internet 192.168.1.2/24 HUB/SWITCH ROUTER 192.168.10.0/24 (DHCP) 10.10.100.2/25 10.10.100.1/25 MPLS Modem VPN IP 2. Cara Akses mikrotik Perangkat yang Yang diperlukan jika ingin mengguankan Mikrotik 1. Mikrotik (bisa berupa PC Yang diinstall Mikrotik atau Router Board) 2. Koneksi Internet (jika ada), misal melalui Modem ADSL 3. PC di Jaringan Lokal 4. Access point - Jaringan WiFi (Jika ada) 5. Kabel UTP Sistem pendungkung Untuk akses Mikrotik : 1. Winbox ( bisa di download di mikrotik.co.id) 2. IP Neighborhood 3. Web Browser 3. Konfigurasi IP, DNS dan NAT Koneksi ke Mikrotik PC Kabel UTP Mikrotik RB 1. Setting IP di Komputer, misal kita ber IP 192.168.1.10 / 255.255.255.0 2. Sambungkan Ethrenet di PC ke Mikrotik dengan kabel UTP 3. Buka Winbox dan Coba Buka Browse di (winbox) Koneksikan ke MAC Address, masukan user : admin tanpa password, jika masih DEFAULT. Jika sudah berubah, maka sesuaikan. Winbox merupakan Tools bawaan mikrotik yang bisa digunakan secara gratis. Winbox dijalankan di Windows OS atau jika linux bisa menggunakan Emulator seperti Wine. Untuk Koneksi memerlukan parameter berupa : IP address atau MAC...

Words: 639 - Pages: 3

Premium Essay

Cit 383

...consistent view of topology, routers update when change is made, distance vector algorithms slower. Dynamic Host Configuration Protocol (DHCP): automatically assigns IP address whenever a computer connects to the network, TCP/IP protocol at the Application layer, easily move computers, computer is configured to use this, every OS has method to tell computer to use it. Allows network administrator to centrally manage IP address and range of them to hand out. Provides- IP addresses, subnet masks, default gateway address, DNS server address, time server address. Allows computers on same LAN to communicate. Bootstrap Protocol (BOOTP): required manual intervention to add configuration information and didn’t provide mechanism for reclaiming disused IP addresses. Network Address Translation (NAT): describes methods for connecting private (internal) IP addresses to the internet (public). Uses one-to-one mapping or one-to-many mapping methods to allow one or more private IP clients to gain access to Internet by mapping private IP address to public IP addresses. Addresses 3 TCP/IP problems: malicious programmers target IP addresses, IPv4 available address pool diminishing, leasing IPv4 address is more expensive. NAT enables routers to hide IP addresses of computer on a LAN from outside networks, enables computers on LAN to communicate with outside networks, conserves IP addresses. Pre-NAT setup of Internet-connected LAN- acquire block of unique IP addresses from ISP, assign IP address......

Words: 2483 - Pages: 10