SlideShare a Scribd company logo

Day 17 nat and pat

Download as PPT, PDF
CYBERINTELLIGENTS
CYBERINTELLIGENTS

http://www.cyberintelligents.in info@cyberintelligents.in https://www.facebook.com/cyberintelligents https://in.linkedin.com/in/cyberintelligents/en https://cyberintelligents.wordpress.com/ http://cyberintelligent.blogspot.in +91 9876162698 +919988288019 http://trainingcyberintelligents.blogspot.com https://cyberintelligentsnews.wordpress.com/

Education
1 of 18
Managing IP Traffic with ACLs Scaling the Network with NAT and PAT
Outline • Overview • Introducing NAT and PAT • Translating Inside Source Addresses • Overloading an Inside Global Address • Verifying the NAT and PAT Configuration • Troubleshooting the NAT and PAT Configuration • Summary
Network Address Translation • An IP address is either local or global. • Local IP addresses are seen in the inside network.
Port Address Translation
Translating Inside Source Addresses
Configuring Static Translation • Establishes static translation between an inside local address and an inside global address Router(config)# ip nat inside source static local-ip global-ip • Marks the interface as connected to the inside Router(config-if)# ip nat inside • Marks the interface as connected to the outside Router(config-if)# ip nat outside
Enabling Static NAT Address Mapping Example
Configuring Dynamic Translation • Establishes dynamic source translation, specifying the ACL that was defined in the prior step. Router(config)# ip nat inside source list access-list-number pool name • Defines a pool of global addresses to be allocated as needed. Router(config)# ip nat pool name start-ip end-ip {netmask netmask | prefix-length prefix-length} • Defines a standard IP ACL permitting those inside local addresses that are to be translated. Router(config)# access-list access-list-number permit source [source-wildcard]
Dynamic Address Translation Example
Overloading an Inside Global Address
Configuring Overloading • Establishes dynamic source translation, specifying the ACL that was defined in the prior step Router(config)# ip nat inside source list access-list-number interface interface overload • Defines a standard IP ACL that will permit the inside local addresses that are to be translated Router(config)# access-list access-list-number permit source source-wildcard
Overloading an Inside Global Address Example
Clearing the NAT Translation Table • Clears a simple dynamic translation entry that contains an inside translation or both an inside and outside translation Router# clear ip nat translation inside global-ip local-ip [outside local-ip global-ip] • Clears all dynamic address translation entries Router# clear ip nat translation * • Clears a simple dynamic translation entry that contains an outside translation Router# clear ip nat translation outside local-ip global-ip • Clears an extended dynamic translation entry outer# clear ip nat translation protocol inside global-ip lobal-port local-ip local-port [outside local-ip ocal-port global-ip global-port]
• Displays translation statistics Router# show ip nat statistics • Displays active translations Router# show ip nat translations Router# show ip nat translation Pro Inside global Inside local Outside local Outside global --- 172.16.131.1 10.10.10.1 --- --- Router# show ip nat statistics Total active translations: 1 (1 static, 0 dynamic; 0 extended) Outside interfaces: Ethernet0, Serial2.7 Inside interfaces: Ethernet1 Hits: 5 Misses: 0 … Displaying Information with show Commands
Sample Problem: Cannot Ping Remote Host
Solution: New Configuration
Using the debug ip nat Command Router# debug ip nat NAT: s=192.168.1.95->172.31.233.209, d=172.31.2.132 [6825] NAT: s=172.31.2.132, d=172.31.233.209->192.168.1.95 [21852] NAT: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6826] NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23311] NAT*: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6827] NAT*: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6828] NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23313] NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23325]
Translation Not Installed in the Translation Table? Verify that: • The configuration is correct. • There are not any inbound ACLs denying the packets entry to the NAT router. • The ACL referenced by the NAT command is permitting all necessary networks. • There are enough addresses in the NAT pool. • The router interfaces are appropriately defined as NAT inside or NAT outside.

Recommended

Day 17.1 nat pat
Day 17.1 nat pat Day 17.1 nat pat
Day 17.1 nat pat CYBERINTELLIGENTS
 
NAT_Final
NAT_FinalNAT_Final
NAT_FinalPratik Bhide
 
Coal7 segmentation in Assembly Programming
Coal7 segmentation in Assembly ProgrammingCoal7 segmentation in Assembly Programming
Coal7 segmentation in Assembly ProgrammingMuhammad Taqi Hassan Bukhari
 
p4alu: Arithmetic Logic Unit in P4
p4alu: Arithmetic Logic Unit in P4p4alu: Arithmetic Logic Unit in P4
p4alu: Arithmetic Logic Unit in P4Kentaro Ebisawa
 
Homer metrics | LORENZO MANGANI Y FEDERICO CABIDDU - VoIP2DAY 2017
Homer metrics | LORENZO MANGANI Y FEDERICO CABIDDU - VoIP2DAY 2017Homer metrics | LORENZO MANGANI Y FEDERICO CABIDDU - VoIP2DAY 2017
Homer metrics | LORENZO MANGANI Y FEDERICO CABIDDU - VoIP2DAY 2017VOIP2DAY
 
20170925 onos and p4
20170925 onos and p420170925 onos and p4
20170925 onos and p4Yi Tseng
 
Troubleshoot tcp
Troubleshoot tcpTroubleshoot tcp
Troubleshoot tcpRicardo Nugas
 
Open MPI Explorations in Process Affinity (EuroMPI'13 presentation)
Open MPI Explorations in Process Affinity (EuroMPI'13 presentation)Open MPI Explorations in Process Affinity (EuroMPI'13 presentation)
Open MPI Explorations in Process Affinity (EuroMPI'13 presentation)Jeff Squyres
 

Recommended

Day 17.1 nat pat
Day 17.1 nat pat Day 17.1 nat pat
Day 17.1 nat pat CYBERINTELLIGENTS
 
NAT_Final
NAT_FinalNAT_Final
NAT_FinalPratik Bhide
 
Coal7 segmentation in Assembly Programming
Coal7 segmentation in Assembly ProgrammingCoal7 segmentation in Assembly Programming
Coal7 segmentation in Assembly ProgrammingMuhammad Taqi Hassan Bukhari
 
p4alu: Arithmetic Logic Unit in P4
p4alu: Arithmetic Logic Unit in P4p4alu: Arithmetic Logic Unit in P4
p4alu: Arithmetic Logic Unit in P4Kentaro Ebisawa
 
Homer metrics | LORENZO MANGANI Y FEDERICO CABIDDU - VoIP2DAY 2017
Homer metrics | LORENZO MANGANI Y FEDERICO CABIDDU - VoIP2DAY 2017Homer metrics | LORENZO MANGANI Y FEDERICO CABIDDU - VoIP2DAY 2017
Homer metrics | LORENZO MANGANI Y FEDERICO CABIDDU - VoIP2DAY 2017VOIP2DAY
 
20170925 onos and p4
20170925 onos and p420170925 onos and p4
20170925 onos and p4Yi Tseng
 
Troubleshoot tcp
Troubleshoot tcpTroubleshoot tcp
Troubleshoot tcpRicardo Nugas
 
Open MPI Explorations in Process Affinity (EuroMPI'13 presentation)
Open MPI Explorations in Process Affinity (EuroMPI'13 presentation)Open MPI Explorations in Process Affinity (EuroMPI'13 presentation)
Open MPI Explorations in Process Affinity (EuroMPI'13 presentation)Jeff Squyres
 
Dynamic NAT
Dynamic NATDynamic NAT
Dynamic NATNetProtocol Xpert
 
Static NAT
Static NATStatic NAT
Static NATNetProtocol Xpert
 
2016 NCTU P4 Workshop
2016 NCTU P4 Workshop2016 NCTU P4 Workshop
2016 NCTU P4 WorkshopYi Tseng
 
zebra & openconfigd Introduction
zebra & openconfigd Introductionzebra & openconfigd Introduction
zebra & openconfigd IntroductionKentaro Ebisawa
 
162 15-768
162 15-768162 15-768
162 15-768faisal123000
 
Максим Харченко. Erlang lincx
Максим Харченко. Erlang lincxМаксим Харченко. Erlang lincx
Максим Харченко. Erlang lincxAlina Dolgikh
 
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime
 
DIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeDIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeMyNOG
 
Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...
Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...
Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...telestax
 
Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Alejandro Salinas
 
Hands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesHands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesCisco Canada
 
Hands-on Experience with IPv6 Routing and Switching
Hands-on Experience with IPv6 Routing and Switching Hands-on Experience with IPv6 Routing and Switching
Hands-on Experience with IPv6 Routing and Switching Cisco Canada
 
IPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi PaletIPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi PaletРегистар националног Интернет домена Србије - РНИДС
 
Network address translations
Network address translations Network address translations
Network address translations Shahzad shareef
 
IPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi PaletIPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi PaletРегистар националног Интернет домена Србије - РНИДС
 
Part 11 : Interdomain routing with BGP
Part 11 : Interdomain routing with BGPPart 11 : Interdomain routing with BGP
Part 11 : Interdomain routing with BGPOlivier Bonaventure
 
Interior Routing Protocols
Interior Routing ProtocolsInterior Routing Protocols
Interior Routing ProtocolsKHNOG
 
PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...
PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...
PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...PROIDEA
 
[Webinar Slides] Programming the Network Dataplane in P4
[Webinar Slides] Programming the Network Dataplane in P4[Webinar Slides] Programming the Network Dataplane in P4
[Webinar Slides] Programming the Network Dataplane in P4Open Networking Summits
 
Introduction to DPDK RIB library
Introduction to DPDK RIB libraryIntroduction to DPDK RIB library
Introduction to DPDK RIB libraryГлеб Хохлов
 
NAT and PAT
NAT and PATNAT and PAT
NAT and PATMuuluu
 
NAT Ccna
NAT CcnaNAT Ccna
NAT Ccnasinghsukdeep
 

More Related Content

What's hot

2016 NCTU P4 Workshop
2016 NCTU P4 Workshop2016 NCTU P4 Workshop
2016 NCTU P4 WorkshopYi Tseng
 
zebra & openconfigd Introduction
zebra & openconfigd Introductionzebra & openconfigd Introduction
zebra & openconfigd IntroductionKentaro Ebisawa
 
Максим Харченко. Erlang lincx
Максим Харченко. Erlang lincxМаксим Харченко. Erlang lincx
Максим Харченко. Erlang lincxAlina Dolgikh
 
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime
 
DIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeDIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeMyNOG
 
Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...
Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...
Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...telestax
 
Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Alejandro Salinas
 
Hands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesHands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesCisco Canada
 
Hands-on Experience with IPv6 Routing and Switching
Hands-on Experience with IPv6 Routing and Switching Hands-on Experience with IPv6 Routing and Switching
Hands-on Experience with IPv6 Routing and Switching Cisco Canada
 
Network address translations
Network address translations Network address translations
Network address translations Shahzad shareef
 
Part 11 : Interdomain routing with BGP
Part 11 : Interdomain routing with BGPPart 11 : Interdomain routing with BGP
Part 11 : Interdomain routing with BGPOlivier Bonaventure
 
Interior Routing Protocols
Interior Routing ProtocolsInterior Routing Protocols
Interior Routing ProtocolsKHNOG
 
PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...
PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...
PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...PROIDEA
 
[Webinar Slides] Programming the Network Dataplane in P4
[Webinar Slides] Programming the Network Dataplane in P4[Webinar Slides] Programming the Network Dataplane in P4
[Webinar Slides] Programming the Network Dataplane in P4Open Networking Summits
 

What's hot (20)

Dynamic NAT
Dynamic NATDynamic NAT
Dynamic NAT
 
Static NAT
Static NATStatic NAT
Static NAT
 
2016 NCTU P4 Workshop
2016 NCTU P4 Workshop2016 NCTU P4 Workshop
2016 NCTU P4 Workshop
 
zebra & openconfigd Introduction
zebra & openconfigd Introductionzebra & openconfigd Introduction
zebra & openconfigd Introduction
 
162 15-768
162 15-768162 15-768
162 15-768
 
Максим Харченко. Erlang lincx
Максим Харченко. Erlang lincxМаксим Харченко. Erlang lincx
Максим Харченко. Erlang lincx
 
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
 
DIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeDIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL Lee
 
Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...
Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...
Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...
 
Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)
 
Hands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesHands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and Services
 
Hands-on Experience with IPv6 Routing and Switching
Hands-on Experience with IPv6 Routing and Switching Hands-on Experience with IPv6 Routing and Switching
Hands-on Experience with IPv6 Routing and Switching
 
IPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi PaletIPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi Palet
 
Network address translations
Network address translations Network address translations
Network address translations
 
IPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi PaletIPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi Palet
 
Part 11 : Interdomain routing with BGP
Part 11 : Interdomain routing with BGPPart 11 : Interdomain routing with BGP
Part 11 : Interdomain routing with BGP
 
Interior Routing Protocols
Interior Routing ProtocolsInterior Routing Protocols
Interior Routing Protocols
 
PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...
PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...
PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...
 
[Webinar Slides] Programming the Network Dataplane in P4
[Webinar Slides] Programming the Network Dataplane in P4[Webinar Slides] Programming the Network Dataplane in P4
[Webinar Slides] Programming the Network Dataplane in P4
 
Introduction to DPDK RIB library
Introduction to DPDK RIB libraryIntroduction to DPDK RIB library
Introduction to DPDK RIB library
 

Similar to Day 17 nat and pat

NAT and PAT
NAT and PATNAT and PAT
NAT and PATMuuluu
 
How to configure static nat on cisco routers
How to configure static nat on cisco routersHow to configure static nat on cisco routers
How to configure static nat on cisco routersIT Tech
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9Waqas Ahmed Nawaz
 
NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)Netwax Lab
 
CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9Chaing Ravuth
 
NAT- Network Address Translation
NAT- Network Address TranslationNAT- Network Address Translation
NAT- Network Address TranslationEng. Emad Al-Atoum
 
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity3Anetwork com
 
Module (10) NAT for IPV4.pptx
Module (10) NAT for IPV4.pptxModule (10) NAT for IPV4.pptx
Module (10) NAT for IPV4.pptxGeorgeThoreJr
 
Chapter11ccna
Chapter11ccnaChapter11ccna
Chapter11ccnarobertoxe
 
Topic 5 nx os management-ver 0.2
Topic 5 nx os management-ver 0.2Topic 5 nx os management-ver 0.2
Topic 5 nx os management-ver 0.2Krunal Shah
 
Chapter 5-Network Address Translation.pdf
Chapter 5-Network Address Translation.pdfChapter 5-Network Address Translation.pdf
Chapter 5-Network Address Translation.pdfBuntha Chhay
 

Similar to Day 17 nat and pat (20)

NAT and PAT
NAT and PATNAT and PAT
NAT and PAT
 
NAT Ccna
NAT CcnaNAT Ccna
NAT Ccna
 
How to configure static nat on cisco routers
How to configure static nat on cisco routersHow to configure static nat on cisco routers
How to configure static nat on cisco routers
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
 
NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)
 
Day 17.1 nat pat (2)
Day 17.1 nat pat (2)Day 17.1 nat pat (2)
Day 17.1 nat pat (2)
 
Nat
NatNat
Nat
 
Icnd210 s07l01
Icnd210 s07l01Icnd210 s07l01
Icnd210 s07l01
 
Nat pat
Nat patNat pat
Nat pat
 
CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9
 
Nat 07
Nat 07Nat 07
Nat 07
 
Nat
NatNat
Nat
 
NAT- Network Address Translation
NAT- Network Address TranslationNAT- Network Address Translation
NAT- Network Address Translation
 
Nat 03
Nat 03Nat 03
Nat 03
 
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
 
Module (10) NAT for IPV4.pptx
Module (10) NAT for IPV4.pptxModule (10) NAT for IPV4.pptx
Module (10) NAT for IPV4.pptx
 
Chapter11ccna
Chapter11ccnaChapter11ccna
Chapter11ccna
 
Chapter11ccna
Chapter11ccnaChapter11ccna
Chapter11ccna
 
Topic 5 nx os management-ver 0.2
Topic 5 nx os management-ver 0.2Topic 5 nx os management-ver 0.2
Topic 5 nx os management-ver 0.2
 
Chapter 5-Network Address Translation.pdf
Chapter 5-Network Address Translation.pdfChapter 5-Network Address Translation.pdf
Chapter 5-Network Address Translation.pdf
 

More from CYBERINTELLIGENTS

Stp premdeep gill-lu045310-14aug12
Stp premdeep gill-lu045310-14aug12Stp premdeep gill-lu045310-14aug12
Stp premdeep gill-lu045310-14aug12CYBERINTELLIGENTS
 
Stp premdeep gill-lu045310-14aug12
Stp premdeep gill-lu045310-14aug12Stp premdeep gill-lu045310-14aug12
Stp premdeep gill-lu045310-14aug12CYBERINTELLIGENTS
 
Day 25 cisco ios router configuration
Day 25 cisco ios router configurationDay 25 cisco ios router configuration
Day 25 cisco ios router configurationCYBERINTELLIGENTS
 

More from CYBERINTELLIGENTS (20)

Wide area networks
Wide area networksWide area networks
Wide area networks
 
Switching
SwitchingSwitching
Switching
 
Switching
SwitchingSwitching
Switching
 
Stp premdeep gill-lu045310-14aug12
Stp premdeep gill-lu045310-14aug12Stp premdeep gill-lu045310-14aug12
Stp premdeep gill-lu045310-14aug12
 
Stp premdeep gill-lu045310-14aug12
Stp premdeep gill-lu045310-14aug12Stp premdeep gill-lu045310-14aug12
Stp premdeep gill-lu045310-14aug12
 
Routerfundaments gurwinder
Routerfundaments gurwinderRouterfundaments gurwinder
Routerfundaments gurwinder
 
Rip 1 rip 2
Rip 1 rip 2Rip 1 rip 2
Rip 1 rip 2
 
Ospf new
Ospf newOspf new
Ospf new
 
Nat config
Nat configNat config
Nat config
 
Ipv6^ new
Ipv6^ newIpv6^ new
Ipv6^ new
 
Ip addressing...
Ip addressing... Ip addressing...
Ip addressing...
 
Ip address
Ip address Ip address
Ip address
 
Igrp
IgrpIgrp
Igrp
 
Frame relay
Frame relayFrame relay
Frame relay
 
Eigrp new
Eigrp newEigrp new
Eigrp new
 
Day 25 cisco ios router configuration
Day 25 cisco ios router configurationDay 25 cisco ios router configuration
Day 25 cisco ios router configuration
 
Day 22 _ ppp
Day 22 _ ppp Day 22 _ ppp
Day 22 _ ppp
 
Day 20.i pv6 lab
Day 20.i pv6 labDay 20.i pv6 lab
Day 20.i pv6 lab
 
Day 20.3 frame relay
Day 20.3 frame relay Day 20.3 frame relay
Day 20.3 frame relay
 
Day 20.2 frame relay
Day 20.2 frame relay Day 20.2 frame relay
Day 20.2 frame relay
 

Recently uploaded

How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxDr.Ibrahim Hassaan
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxUnboundStockton
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatYousafMalik24
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxEyham Joco
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersSabitha Banu
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
MARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupMARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupJonathanParaisoCruz
 

Recently uploaded (20)

How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptx
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docx
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptx
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginners
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
MARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupMARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized Group
 

Day 17 nat and pat

  • 1. Managing IP Traffic with ACLs Scaling the Network with NAT and PAT
  • 2. Outline • Overview • Introducing NAT and PAT • Translating Inside Source Addresses • Overloading an Inside Global Address • Verifying the NAT and PAT Configuration • Troubleshooting the NAT and PAT Configuration • Summary
  • 3. Network Address Translation • An IP address is either local or global. • Local IP addresses are seen in the inside network.
  • 6. Configuring Static Translation • Establishes static translation between an inside local address and an inside global address Router(config)# ip nat inside source static local-ip global-ip • Marks the interface as connected to the inside Router(config-if)# ip nat inside • Marks the interface as connected to the outside Router(config-if)# ip nat outside
  • 7. Enabling Static NAT Address Mapping Example
  • 8. Configuring Dynamic Translation • Establishes dynamic source translation, specifying the ACL that was defined in the prior step. Router(config)# ip nat inside source list access-list-number pool name • Defines a pool of global addresses to be allocated as needed. Router(config)# ip nat pool name start-ip end-ip {netmask netmask | prefix-length prefix-length} • Defines a standard IP ACL permitting those inside local addresses that are to be translated. Router(config)# access-list access-list-number permit source [source-wildcard]
  • 10. Overloading an Inside Global Address
  • 11. Configuring Overloading • Establishes dynamic source translation, specifying the ACL that was defined in the prior step Router(config)# ip nat inside source list access-list-number interface interface overload • Defines a standard IP ACL that will permit the inside local addresses that are to be translated Router(config)# access-list access-list-number permit source source-wildcard
  • 12. Overloading an Inside Global Address Example
  • 13. Clearing the NAT Translation Table • Clears a simple dynamic translation entry that contains an inside translation or both an inside and outside translation Router# clear ip nat translation inside global-ip local-ip [outside local-ip global-ip] • Clears all dynamic address translation entries Router# clear ip nat translation * • Clears a simple dynamic translation entry that contains an outside translation Router# clear ip nat translation outside local-ip global-ip • Clears an extended dynamic translation entry outer# clear ip nat translation protocol inside global-ip lobal-port local-ip local-port [outside local-ip ocal-port global-ip global-port]
  • 14. • Displays translation statistics Router# show ip nat statistics • Displays active translations Router# show ip nat translations Router# show ip nat translation Pro Inside global Inside local Outside local Outside global --- 172.16.131.1 10.10.10.1 --- --- Router# show ip nat statistics Total active translations: 1 (1 static, 0 dynamic; 0 extended) Outside interfaces: Ethernet0, Serial2.7 Inside interfaces: Ethernet1 Hits: 5 Misses: 0 … Displaying Information with show Commands
  • 17. Using the debug ip nat Command Router# debug ip nat NAT: s=192.168.1.95->172.31.233.209, d=172.31.2.132 [6825] NAT: s=172.31.2.132, d=172.31.233.209->192.168.1.95 [21852] NAT: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6826] NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23311] NAT*: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6827] NAT*: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6828] NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23313] NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23325]
  • 18. Translation Not Installed in the Translation Table? Verify that: • The configuration is correct. • There are not any inbound ACLs denying the packets entry to the NAT router. • The ACL referenced by the NAT command is permitting all necessary networks. • There are enough addresses in the NAT pool. • The router interfaces are appropriately defined as NAT inside or NAT outside.