Lab -NAT –
A network associate is configuring a router for the weaver company to provide internet access.
The ISP has provided the company six public IP addresses of 198.18.184.105 198.18.184.110.
The company has 14 hosts that need to access the internet simultaneously.
The hosts in the company LAN have been assigned private space addresses in the range of 192.168.100.17 -192.168.100.30.
The following have already been configured on the router
The following have already been configured on the router:
– The basic router configuration
– The appropriate interfaces have been configured for NAT inside and NAT outside
– The appropriate static routes have also been configured (since the company will be a stub network, no routing protocol will be required.)
– All passwords have been temporarily set to “Cisco”
The task is to complete the NAT configuration using all IP addresses assigned by the ISP to provide Internet access for the hosts in the weaver LAN. Functionality can be tested by clicking on the host provided for testing.
Router name Weaver –
Inside global addresses 198.18.184.105 198.18.184.110/29
Inside local addresses 192.168.100.17 192.168.100.30/28
Number of inside hosts 14 –
The above named organization has 14 hosts that need to access the internet simultaneously but were provided with just 6 public IP addresses from198.18.184.105 to 198.18.184.110/29.
In this case, you have to consider using NAT Overload (or PAT)
DoubleClick on the Weaver router to access the CLI
Router> enable –
Router# configure terminal –
First you should change the router’s name to Weaver:
Router(config)#hostname Weaver –
Create a NAT pool of global addresses to be allocated with their netmask:
Weaver(config)# ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248
Create a standard access control list that permits the addresses that are to be translated:
Weaver(config)#access-list 1 permit 192.168.100.16 0.0.0.15
Establish dynamic source translation, specifying the access list that was defined in the prior step:
Weaver(config)#ip nat inside source list 1 pool mypool overload
Finally, we should save all your work with the following command:
Weaver#copy running-config startup-config (Don’t forget this)
Check your configuration by going to “Host for testing” and type:
C : \>ping 192.0.2.114 –
The ping should work well and you will be replied from 192.0.2.114
This command translates all source addresses that pass access list 1, which means a source address from 192.168.100.17 to 192.168.100.30, into an address from the pool named mypool (the pool contains addresses from 198.18.184.105 to 198.18.184.110) Overload keyword allows to map multiple IP addresses to a single registered IP address (many-to-one) by using different ports.
The question said that appropriate interfaces have been configured for NAT inside and NAT outside statements.
This is how to configure the NAT inside and NAT outside, just for your understanding:
Weaver(config)#interface fa0/0 –
Weaver(config-if)#ip nat inside –
Weaver(config)#interface s0/0 –
Weaver(config-if)#ip nat outside