SlideShare a Scribd company logo

CCNP.ppt

Download as PPT, PDF
K
karthikvcyber

CCNP

Education
1 of 40
CCNA Guide to Cisco Networking Fundamentals Fourth Edition Chapter 9 Network Services
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 2 Objectives • Understand the purpose and operation of network address translation (NAT) • Understand and configure static NAT, dynamic NAT, and PAT • Understand and configure Dynamic Host Configuration Protocol (DHCP) • Understand and configure Domain Name Services (DNS) • Configure network services using Cisco’s Security Device Manager (SDM)
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 3 Network Address Translation • Network address translation (NAT) – Defined in RFC 3022 • Describes methods for connecting private (internal) IP addresses to the Internet • NAT uses a one-to-one mapping or one-to-many mapping method – To allow one or more private IP clients to gain access to the Internet by mapping the private IP addresses to public IP addresses
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 4 Network Address Translation (continued)
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 5 Network Address Translation (continued) • Advantages – Conserves public IP addresses – Hides your internal IP addressing scheme from the outside world, greatly enhancing network security – Allows for easy renumbering of your IP addresses • Disadvantages – Introduces a small amount of delay into your network • Because the NAT router has to create and maintain the NAT table – End-to-end IP traceability is lost – Some applications fail due to NAT
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 6 Network Address Translation (continued) • NAT is available in three forms: – Static NAT – Dynamic NAT – Port address translation (PAT)
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 7 Static NAT • Static NAT – The simplest form of NAT – A single private IP address is mapped to a single public IP address • NAT router must maintain a table in memory – Table maps internal IP addresses to addresses presented to the Internet
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 8
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 9 Static NAT (continued) • The network configuration for NAT is quite simple in a small network – The NAT router will be the default gateway for all clients • In a larger network, the NAT router might be one of many routers – Routers would have to be configured to use the NAT router for Internet communications • NAT should be configured on the border router of a large network
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 10 Dynamic NAT • Dynamic NAT – The NAT router automatically maps a group of valid local IP addresses to a group of Internet IP addresses, as needed • The network administrator is not concerned about which IP address the internal clients use • Any private IP address will automatically be translated to one of the available Internet IP addresses by the NAT router – Addresses for dynamic NAT are pulled out of a predefined pool of public addresses
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 11 Port Address Translation • Port address translation (PAT) – Also known as overloading – Is a special form of dynamic NAT – Allows multiple internal, private IP addresses to use a single external registered address • To differentiate between the connections, PAT uses multiple public TCP and UDP ports – To create unique sockets that map to internal IP addresses
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 12 Port Address Translation (continued)
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 13 Port Address Translation (continued) • The NAT server uses port forwarding – To send connections from external clients to the Web server on the internal network • Overlapping – Occurs when: • The internal network has been incorrectly configured for an IP range that actually exists on the Internet or • Two companies merge and each company was using the same private IP address range – Can be solved using NAT because NAT hides the incorrectly configured internal IP scheme
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 14 Configuring Network Address Translation • You can configure NAT as static NAT, dynamic NAT, or PAT
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 15 Configuring Static NAT • Configuring static NAT is a two-step process: – Define the static mapping between the inside address and the outside address – Define the NAT router’s interfaces as inside or outside • The static mapping is defined with the following command: ip nat inside source static [inside ip] [outside ip]
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 16 Configuring Dynamic NAT • Steps: – Configure a standard access control list to define what internal traffic will be translated – Define a pool of addresses to be used for dynamic NAT allocation – Link the access list to the NAT pool – Define interfaces as either inside or outside • To define the standard access list, you must use the following syntax: RouterA(config)#access-list [1-99] permit [inside IP network(s)] [wildcard mask]
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 17 Configuring Dynamic NAT (continued) • The syntax for defining the NAT pool is: ip nat pool [pool name] [start ip] [end ip] netmask [netmask] • The pool must then be linked to the access list with the following command: ip nat inside source list [access list number] pool [pool name] • Finally, you must define the interfaces as either inside or outside
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 18 Configuring Dynamic NAT (continued) • Steps for configuring PAT: – Configure a standard access list to define what internal traffic will be translated – Link the access list to the interface to be used for PAT – Define interfaces as either inside or outside
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 19
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 20 Domain Name Service • Domain Name Service (DNS) – A popular and important naming service – Based on the client/server model, DNS translates names into IP addresses • Use the ip host command to manually provide name resolution on a Cisco router • Lookup – By default, a Cisco router will try several times to find an IP address for a name if you enter one
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 21 Domain Name Service (continued)
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 22 Domain Name Service (continued) • Configuring DNS Lookup – The command to configure a DNS lookup on a Cisco router is ip name-server • The ip domain-lookup command enables DNS if it has previously been disabled
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 23 Dynamic Host Configuration Protocol • Dynamic Host Configuration Protocol (DHCP) – Provides IP configuration information to hosts on bootup – This functionality is much like that provided by older protocols RARP and BOOTP • DHCP manages addressing by leasing the IP information to the hosts – This leasing allows the information to be recovered when not in use and reallocated when needed
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 24 Dynamic Host Configuration Protocol (continued)
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 25 Dynamic Host Configuration Protocol (continued) • You can configure your Cisco router to be a DHCP server • DHCP relay – The router can forward the request to other DHCP servers if it cannot satisfy a DHCP request • Configuring the router to be a DHCP server – Enable the service using the service dhcp command at the global configuration mode prompt – Configure DHCP bindings and decide where to store the DHCP bindings database
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 26 Dynamic Host Configuration Protocol (continued) • Configuring the router to be a DHCP server (continued) – Define the pool of addresses – Configure any optional IP configuration parameters – Exclude any statically configured addresses • Monitoring DHCP – The best way to check the bindings is to execute the show ip dhcp binding command on the router – For information on the specific DHCP address pool, use the show ip dhcp pool command
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 27
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 28 Dynamic Host Configuration Protocol (continued)
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 29 Security Device Manager • Cisco’s new Security Device Manager (SDM) – Web-based tool for advanced configuration on Cisco routers – SDM can be used to configure the NAT, DNS, and DHCP services • These services are relatively easy to configure using the command-line interface
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 30 Security Device Manager (continued) • Using SDM to Configure NAT – Using SDM to configure static NAT • See Figure 9-9 – Using SDM to configure dynamic NAT • See Figures 9-10 and 9-11 – Using SDM to configure PAT • See Figure 9-12
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 31
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 32
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 33
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 34
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 35 Security Device Manager (continued) • Using SDM to configure DNS – See Figure 9-13 • Using SDM to configure DHCP – See Figure 9-14
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 36 Security Device Manager (continued)
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 37
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 38 Summary • NAT is a technology that allows organizations to map valid external addresses to private or unregistered internal addresses • Organizations can use NAT to allow many more people to access the Internet by sharing one or more valid public addresses • Static NAT involves mapping each internal IP address to a separately defined outside IP address • Dynamic NAT involves the mapping of inside addresses to a smaller pool of outside addresses
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 39 Summary (continued) • PAT allows an organization to map more than one internal private IP address to a single outside IP address by using port numbers to identify the separate connections • The Domain Name Service (DNS) is used to provide an IP address-to-name mapping so that users can refer to hosts by name rather than address
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 40 Summary (continued) • The Dynamic Host Configuration Protocol provides IP configuration information such as address, subnet mask, default-gateway, DNS and WINS server location, and domain name to hosts on the network • SDM is a Web-enabled Cisco product that allows advanced router configuration without using the command-line interface

Recommended

CCNA Network Services
CCNA Network ServicesCCNA Network Services
CCNA Network ServicesDsunte Wilson
 
Ccna rse chp9 nat fo i_pv4
Ccna rse chp9 nat fo i_pv4Ccna rse chp9 nat fo i_pv4
Ccna rse chp9 nat fo i_pv4newbie2019
 
CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9Chaing Ravuth
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9Waqas Ahmed Nawaz
 
CCNAv5 - S2: Chapter4 Routing Concepts
CCNAv5 - S2: Chapter4 Routing ConceptsCCNAv5 - S2: Chapter4 Routing Concepts
CCNAv5 - S2: Chapter4 Routing ConceptsVuz Dở Hơi
 
KPUCC-Rs instructor ppt_chapter4_final
KPUCC-Rs instructor ppt_chapter4_finalKPUCC-Rs instructor ppt_chapter4_final
KPUCC-Rs instructor ppt_chapter4_finalFisal Anwari
 
Chapter 04 - Routing Concepts
Chapter 04 - Routing ConceptsChapter 04 - Routing Concepts
Chapter 04 - Routing ConceptsYaser Rahmati
 
Chapter 15 : routing concepts
Chapter 15 : routing conceptsChapter 15 : routing concepts
Chapter 15 : routing conceptsteknetir
 

Recommended

CCNA Network Services
CCNA Network ServicesCCNA Network Services
CCNA Network ServicesDsunte Wilson
 
Ccna rse chp9 nat fo i_pv4
Ccna rse chp9 nat fo i_pv4Ccna rse chp9 nat fo i_pv4
Ccna rse chp9 nat fo i_pv4newbie2019
 
CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9Chaing Ravuth
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9Waqas Ahmed Nawaz
 
CCNAv5 - S2: Chapter4 Routing Concepts
CCNAv5 - S2: Chapter4 Routing ConceptsCCNAv5 - S2: Chapter4 Routing Concepts
CCNAv5 - S2: Chapter4 Routing ConceptsVuz Dở Hơi
 
KPUCC-Rs instructor ppt_chapter4_final
KPUCC-Rs instructor ppt_chapter4_finalKPUCC-Rs instructor ppt_chapter4_final
KPUCC-Rs instructor ppt_chapter4_finalFisal Anwari
 
Chapter 04 - Routing Concepts
Chapter 04 - Routing ConceptsChapter 04 - Routing Concepts
Chapter 04 - Routing ConceptsYaser Rahmati
 
Chapter 15 : routing concepts
Chapter 15 : routing conceptsChapter 15 : routing concepts
Chapter 15 : routing conceptsteknetir
 
How to configure a router
How to configure a router How to configure a router
How to configure a router IT Tech
 
Module (10) NAT for IPV4.pptx
Module (10) NAT for IPV4.pptxModule (10) NAT for IPV4.pptx
Module (10) NAT for IPV4.pptxGeorgeThoreJr
 
Day 17.1 nat pat
Day 17.1 nat pat Day 17.1 nat pat
Day 17.1 nat pat CYBERINTELLIGENTS
 
Network client configuration
Network client configurationNetwork client configuration
Network client configurationEduardo Cambinda
 
CCNA Exploration 4 - Chapter 7
CCNA Exploration 4 - Chapter 7CCNA Exploration 4 - Chapter 7
CCNA Exploration 4 - Chapter 7Irsandi Hasan
 
IPv6 translation methods
IPv6 translation methodsIPv6 translation methods
IPv6 translation methodsAhmad Hijazi
 
Chapter14ccna
Chapter14ccnaChapter14ccna
Chapter14ccnaLakshan Perera
 
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity3Anetwork com
 
CCNA 2 Routing and Switching v5.0 Chapter 4
CCNA 2 Routing and Switching v5.0 Chapter 4CCNA 2 Routing and Switching v5.0 Chapter 4
CCNA 2 Routing and Switching v5.0 Chapter 4Nil Menon
 
CCNA2 Verson6 Chapter1
CCNA2 Verson6 Chapter1CCNA2 Verson6 Chapter1
CCNA2 Verson6 Chapter1Chaing Ravuth
 
DHCP and Nat
DHCP and NatDHCP and Nat
DHCP and NatAbderrazak Mosaid
 
Tale of a New Bangladeshi NIX
Tale of a New Bangladeshi NIXTale of a New Bangladeshi NIX
Tale of a New Bangladeshi NIXBangladesh Network Operators Group
 
NWI FOR OLATUNDE ISMAILA (G10B)
NWI FOR OLATUNDE ISMAILA (G10B)NWI FOR OLATUNDE ISMAILA (G10B)
NWI FOR OLATUNDE ISMAILA (G10B)olatunde ismaila
 
Chapter11ccna
Chapter11ccnaChapter11ccna
Chapter11ccnaLakshan Perera
 
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICSuccesses and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICAPNIC
 
CCNA 1 Chapter 6 v5.0 2014
CCNA 1 Chapter 6 v5.0 2014CCNA 1 Chapter 6 v5.0 2014
CCNA 1 Chapter 6 v5.0 2014Đồng Quốc Vương
 
MikroTik Basic Training Class - Online Moduls - English
MikroTik Basic Training Class - Online Moduls - English MikroTik Basic Training Class - Online Moduls - English
MikroTik Basic Training Class - Online Moduls - EnglishAdhie Lesmana
 
Link i pv4
Link i pv4Link i pv4
Link i pv4NARESH A
 
Nat
NatNat
NatBasiroh M.Kom
 
Exploration_Routing_Chapter_1 ppt for learning Networking
Exploration_Routing_Chapter_1 ppt for learning NetworkingExploration_Routing_Chapter_1 ppt for learning Networking
Exploration_Routing_Chapter_1 ppt for learning NetworkingbrainxMagic
 
Security Incident machnism Security Incident machnismSecurity Incident machni...
Security Incident machnism Security Incident machnismSecurity Incident machni...Security Incident machnism Security Incident machnismSecurity Incident machni...
Security Incident machnism Security Incident machnismSecurity Incident machni...karthikvcyber
 
Security Information Event Management Security Information Event Management
Security Information Event Management Security Information Event ManagementSecurity Information Event Management Security Information Event Management
Security Information Event Management Security Information Event Managementkarthikvcyber
 

More Related Content

Similar to CCNP.ppt

How to configure a router
How to configure a router How to configure a router
How to configure a router IT Tech
 
Module (10) NAT for IPV4.pptx
Module (10) NAT for IPV4.pptxModule (10) NAT for IPV4.pptx
Module (10) NAT for IPV4.pptxGeorgeThoreJr
 
Network client configuration
Network client configurationNetwork client configuration
Network client configurationEduardo Cambinda
 
CCNA Exploration 4 - Chapter 7
CCNA Exploration 4 - Chapter 7CCNA Exploration 4 - Chapter 7
CCNA Exploration 4 - Chapter 7Irsandi Hasan
 
IPv6 translation methods
IPv6 translation methodsIPv6 translation methods
IPv6 translation methodsAhmad Hijazi
 
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity3Anetwork com
 
CCNA 2 Routing and Switching v5.0 Chapter 4
CCNA 2 Routing and Switching v5.0 Chapter 4CCNA 2 Routing and Switching v5.0 Chapter 4
CCNA 2 Routing and Switching v5.0 Chapter 4Nil Menon
 
CCNA2 Verson6 Chapter1
CCNA2 Verson6 Chapter1CCNA2 Verson6 Chapter1
CCNA2 Verson6 Chapter1Chaing Ravuth
 
NWI FOR OLATUNDE ISMAILA (G10B)
NWI FOR OLATUNDE ISMAILA (G10B)NWI FOR OLATUNDE ISMAILA (G10B)
NWI FOR OLATUNDE ISMAILA (G10B)olatunde ismaila
 
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICSuccesses and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICAPNIC
 
MikroTik Basic Training Class - Online Moduls - English
MikroTik Basic Training Class - Online Moduls - English MikroTik Basic Training Class - Online Moduls - English
MikroTik Basic Training Class - Online Moduls - EnglishAdhie Lesmana
 
Link i pv4
Link i pv4Link i pv4
Link i pv4NARESH A
 
Exploration_Routing_Chapter_1 ppt for learning Networking
Exploration_Routing_Chapter_1 ppt for learning NetworkingExploration_Routing_Chapter_1 ppt for learning Networking
Exploration_Routing_Chapter_1 ppt for learning NetworkingbrainxMagic
 

Similar to CCNP.ppt (20)

How to configure a router
How to configure a router How to configure a router
How to configure a router
 
Module (10) NAT for IPV4.pptx
Module (10) NAT for IPV4.pptxModule (10) NAT for IPV4.pptx
Module (10) NAT for IPV4.pptx
 
Day 17.1 nat pat
Day 17.1 nat pat Day 17.1 nat pat
Day 17.1 nat pat
 
Network client configuration
Network client configurationNetwork client configuration
Network client configuration
 
CCNA Exploration 4 - Chapter 7
CCNA Exploration 4 - Chapter 7CCNA Exploration 4 - Chapter 7
CCNA Exploration 4 - Chapter 7
 
IPv6 translation methods
IPv6 translation methodsIPv6 translation methods
IPv6 translation methods
 
Chapter14ccna
Chapter14ccnaChapter14ccna
Chapter14ccna
 
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
 
CCNA 2 Routing and Switching v5.0 Chapter 4
CCNA 2 Routing and Switching v5.0 Chapter 4CCNA 2 Routing and Switching v5.0 Chapter 4
CCNA 2 Routing and Switching v5.0 Chapter 4
 
CCNA2 Verson6 Chapter1
CCNA2 Verson6 Chapter1CCNA2 Verson6 Chapter1
CCNA2 Verson6 Chapter1
 
DHCP and Nat
DHCP and NatDHCP and Nat
DHCP and Nat
 
Tale of a New Bangladeshi NIX
Tale of a New Bangladeshi NIXTale of a New Bangladeshi NIX
Tale of a New Bangladeshi NIX
 
NWI FOR OLATUNDE ISMAILA (G10B)
NWI FOR OLATUNDE ISMAILA (G10B)NWI FOR OLATUNDE ISMAILA (G10B)
NWI FOR OLATUNDE ISMAILA (G10B)
 
Chapter11ccna
Chapter11ccnaChapter11ccna
Chapter11ccna
 
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICSuccesses and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNIC
 
CCNA 1 Chapter 6 v5.0 2014
CCNA 1 Chapter 6 v5.0 2014CCNA 1 Chapter 6 v5.0 2014
CCNA 1 Chapter 6 v5.0 2014
 
MikroTik Basic Training Class - Online Moduls - English
MikroTik Basic Training Class - Online Moduls - English MikroTik Basic Training Class - Online Moduls - English
MikroTik Basic Training Class - Online Moduls - English
 
Link i pv4
Link i pv4Link i pv4
Link i pv4
 
Nat
NatNat
Nat
 
Exploration_Routing_Chapter_1 ppt for learning Networking
Exploration_Routing_Chapter_1 ppt for learning NetworkingExploration_Routing_Chapter_1 ppt for learning Networking
Exploration_Routing_Chapter_1 ppt for learning Networking
 

More from karthikvcyber

Security Incident machnism Security Incident machnismSecurity Incident machni...
Security Incident machnism Security Incident machnismSecurity Incident machni...Security Incident machnism Security Incident machnismSecurity Incident machni...
Security Incident machnism Security Incident machnismSecurity Incident machni...karthikvcyber
 
Security Information Event Management Security Information Event Management
Security Information Event Management Security Information Event ManagementSecurity Information Event Management Security Information Event Management
Security Information Event Management Security Information Event Managementkarthikvcyber
 
cybersecuritycybersecuritycybersecuritycybersecurity
cybersecuritycybersecuritycybersecuritycybersecuritycybersecuritycybersecuritycybersecuritycybersecurity
cybersecuritycybersecuritycybersecuritycybersecuritykarthikvcyber
 
Standards & Framework.pdf
Standards & Framework.pdfStandards & Framework.pdf
Standards & Framework.pdfkarthikvcyber
 
Standards & Framework.ppt
Standards & Framework.pptStandards & Framework.ppt
Standards & Framework.pptkarthikvcyber
 
VAPT_FINAL SLIDES.pptx
VAPT_FINAL SLIDES.pptxVAPT_FINAL SLIDES.pptx
VAPT_FINAL SLIDES.pptxkarthikvcyber
 
cryptography-Final.pptx
cryptography-Final.pptxcryptography-Final.pptx
cryptography-Final.pptxkarthikvcyber
 
fileanddirectory-PID.pptx
fileanddirectory-PID.pptxfileanddirectory-PID.pptx
fileanddirectory-PID.pptxkarthikvcyber
 
IP_Subnet training.pptx
IP_Subnet training.pptxIP_Subnet training.pptx
IP_Subnet training.pptxkarthikvcyber
 
IPS NAT and VPN.pptx
IPS NAT and VPN.pptxIPS NAT and VPN.pptx
IPS NAT and VPN.pptxkarthikvcyber
 

More from karthikvcyber (20)

Security Incident machnism Security Incident machnismSecurity Incident machni...
Security Incident machnism Security Incident machnismSecurity Incident machni...Security Incident machnism Security Incident machnismSecurity Incident machni...
Security Incident machnism Security Incident machnismSecurity Incident machni...
 
Security Information Event Management Security Information Event Management
Security Information Event Management Security Information Event ManagementSecurity Information Event Management Security Information Event Management
Security Information Event Management Security Information Event Management
 
cybersecuritycybersecuritycybersecuritycybersecurity
cybersecuritycybersecuritycybersecuritycybersecuritycybersecuritycybersecuritycybersecuritycybersecurity
cybersecuritycybersecuritycybersecuritycybersecurity
 
Standards & Framework.pdf
Standards & Framework.pdfStandards & Framework.pdf
Standards & Framework.pdf
 
Standards & Framework.ppt
Standards & Framework.pptStandards & Framework.ppt
Standards & Framework.ppt
 
OSINT.pptx
OSINT.pptxOSINT.pptx
OSINT.pptx
 
Encrypto.pptx
Encrypto.pptxEncrypto.pptx
Encrypto.pptx
 
PID-PPID.pptx
PID-PPID.pptxPID-PPID.pptx
PID-PPID.pptx
 
Authentication.pptx
Authentication.pptxAuthentication.pptx
Authentication.pptx
 
SIEM.pptx
SIEM.pptxSIEM.pptx
SIEM.pptx
 
VAPT_FINAL SLIDES.pptx
VAPT_FINAL SLIDES.pptxVAPT_FINAL SLIDES.pptx
VAPT_FINAL SLIDES.pptx
 
cryptography-Final.pptx
cryptography-Final.pptxcryptography-Final.pptx
cryptography-Final.pptx
 
fileanddirectory-PID.pptx
fileanddirectory-PID.pptxfileanddirectory-PID.pptx
fileanddirectory-PID.pptx
 
CS_Tuto.ppt
CS_Tuto.pptCS_Tuto.ppt
CS_Tuto.ppt
 
Vuln.ppt
Vuln.pptVuln.ppt
Vuln.ppt
 
IP_Subnet training.pptx
IP_Subnet training.pptxIP_Subnet training.pptx
IP_Subnet training.pptx
 
Authorisation.pptx
Authorisation.pptxAuthorisation.pptx
Authorisation.pptx
 
IPS NAT and VPN.pptx
IPS NAT and VPN.pptxIPS NAT and VPN.pptx
IPS NAT and VPN.pptx
 
subnet.pptx
subnet.pptxsubnet.pptx
subnet.pptx
 
OSI TCP-IP.pptx
OSI TCP-IP.pptxOSI TCP-IP.pptx
OSI TCP-IP.pptx
 

Recently uploaded

internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerunnathinaik
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxsocialsciencegdgrohi
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxAvyJaneVismanos
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementmkooblal
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatYousafMalik24
 
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...M56BOOKSTORE PRODUCT/SERVICE
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...jaredbarbolino94
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxEyham Joco
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 

Recently uploaded (20)

internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developer
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptx
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of management
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
 
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptx
 
OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 

CCNP.ppt

  • 1. CCNA Guide to Cisco Networking Fundamentals Fourth Edition Chapter 9 Network Services
  • 2. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 2 Objectives • Understand the purpose and operation of network address translation (NAT) • Understand and configure static NAT, dynamic NAT, and PAT • Understand and configure Dynamic Host Configuration Protocol (DHCP) • Understand and configure Domain Name Services (DNS) • Configure network services using Cisco’s Security Device Manager (SDM)
  • 3. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 3 Network Address Translation • Network address translation (NAT) – Defined in RFC 3022 • Describes methods for connecting private (internal) IP addresses to the Internet • NAT uses a one-to-one mapping or one-to-many mapping method – To allow one or more private IP clients to gain access to the Internet by mapping the private IP addresses to public IP addresses
  • 4. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 4 Network Address Translation (continued)
  • 5. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 5 Network Address Translation (continued) • Advantages – Conserves public IP addresses – Hides your internal IP addressing scheme from the outside world, greatly enhancing network security – Allows for easy renumbering of your IP addresses • Disadvantages – Introduces a small amount of delay into your network • Because the NAT router has to create and maintain the NAT table – End-to-end IP traceability is lost – Some applications fail due to NAT
  • 6. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 6 Network Address Translation (continued) • NAT is available in three forms: – Static NAT – Dynamic NAT – Port address translation (PAT)
  • 7. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 7 Static NAT • Static NAT – The simplest form of NAT – A single private IP address is mapped to a single public IP address • NAT router must maintain a table in memory – Table maps internal IP addresses to addresses presented to the Internet
  • 8. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 8
  • 9. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 9 Static NAT (continued) • The network configuration for NAT is quite simple in a small network – The NAT router will be the default gateway for all clients • In a larger network, the NAT router might be one of many routers – Routers would have to be configured to use the NAT router for Internet communications • NAT should be configured on the border router of a large network
  • 10. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 10 Dynamic NAT • Dynamic NAT – The NAT router automatically maps a group of valid local IP addresses to a group of Internet IP addresses, as needed • The network administrator is not concerned about which IP address the internal clients use • Any private IP address will automatically be translated to one of the available Internet IP addresses by the NAT router – Addresses for dynamic NAT are pulled out of a predefined pool of public addresses
  • 11. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 11 Port Address Translation • Port address translation (PAT) – Also known as overloading – Is a special form of dynamic NAT – Allows multiple internal, private IP addresses to use a single external registered address • To differentiate between the connections, PAT uses multiple public TCP and UDP ports – To create unique sockets that map to internal IP addresses
  • 12. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 12 Port Address Translation (continued)
  • 13. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 13 Port Address Translation (continued) • The NAT server uses port forwarding – To send connections from external clients to the Web server on the internal network • Overlapping – Occurs when: • The internal network has been incorrectly configured for an IP range that actually exists on the Internet or • Two companies merge and each company was using the same private IP address range – Can be solved using NAT because NAT hides the incorrectly configured internal IP scheme
  • 14. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 14 Configuring Network Address Translation • You can configure NAT as static NAT, dynamic NAT, or PAT
  • 15. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 15 Configuring Static NAT • Configuring static NAT is a two-step process: – Define the static mapping between the inside address and the outside address – Define the NAT router’s interfaces as inside or outside • The static mapping is defined with the following command: ip nat inside source static [inside ip] [outside ip]
  • 16. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 16 Configuring Dynamic NAT • Steps: – Configure a standard access control list to define what internal traffic will be translated – Define a pool of addresses to be used for dynamic NAT allocation – Link the access list to the NAT pool – Define interfaces as either inside or outside • To define the standard access list, you must use the following syntax: RouterA(config)#access-list [1-99] permit [inside IP network(s)] [wildcard mask]
  • 17. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 17 Configuring Dynamic NAT (continued) • The syntax for defining the NAT pool is: ip nat pool [pool name] [start ip] [end ip] netmask [netmask] • The pool must then be linked to the access list with the following command: ip nat inside source list [access list number] pool [pool name] • Finally, you must define the interfaces as either inside or outside
  • 18. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 18 Configuring Dynamic NAT (continued) • Steps for configuring PAT: – Configure a standard access list to define what internal traffic will be translated – Link the access list to the interface to be used for PAT – Define interfaces as either inside or outside
  • 19. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 19
  • 20. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 20 Domain Name Service • Domain Name Service (DNS) – A popular and important naming service – Based on the client/server model, DNS translates names into IP addresses • Use the ip host command to manually provide name resolution on a Cisco router • Lookup – By default, a Cisco router will try several times to find an IP address for a name if you enter one
  • 21. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 21 Domain Name Service (continued)
  • 22. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 22 Domain Name Service (continued) • Configuring DNS Lookup – The command to configure a DNS lookup on a Cisco router is ip name-server • The ip domain-lookup command enables DNS if it has previously been disabled
  • 23. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 23 Dynamic Host Configuration Protocol • Dynamic Host Configuration Protocol (DHCP) – Provides IP configuration information to hosts on bootup – This functionality is much like that provided by older protocols RARP and BOOTP • DHCP manages addressing by leasing the IP information to the hosts – This leasing allows the information to be recovered when not in use and reallocated when needed
  • 24. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 24 Dynamic Host Configuration Protocol (continued)
  • 25. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 25 Dynamic Host Configuration Protocol (continued) • You can configure your Cisco router to be a DHCP server • DHCP relay – The router can forward the request to other DHCP servers if it cannot satisfy a DHCP request • Configuring the router to be a DHCP server – Enable the service using the service dhcp command at the global configuration mode prompt – Configure DHCP bindings and decide where to store the DHCP bindings database
  • 26. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 26 Dynamic Host Configuration Protocol (continued) • Configuring the router to be a DHCP server (continued) – Define the pool of addresses – Configure any optional IP configuration parameters – Exclude any statically configured addresses • Monitoring DHCP – The best way to check the bindings is to execute the show ip dhcp binding command on the router – For information on the specific DHCP address pool, use the show ip dhcp pool command
  • 27. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 27
  • 28. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 28 Dynamic Host Configuration Protocol (continued)
  • 29. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 29 Security Device Manager • Cisco’s new Security Device Manager (SDM) – Web-based tool for advanced configuration on Cisco routers – SDM can be used to configure the NAT, DNS, and DHCP services • These services are relatively easy to configure using the command-line interface
  • 30. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 30 Security Device Manager (continued) • Using SDM to Configure NAT – Using SDM to configure static NAT • See Figure 9-9 – Using SDM to configure dynamic NAT • See Figures 9-10 and 9-11 – Using SDM to configure PAT • See Figure 9-12
  • 31. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 31
  • 32. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 32
  • 33. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 33
  • 34. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 34
  • 35. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 35 Security Device Manager (continued) • Using SDM to configure DNS – See Figure 9-13 • Using SDM to configure DHCP – See Figure 9-14
  • 36. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 36 Security Device Manager (continued)
  • 37. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 37
  • 38. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 38 Summary • NAT is a technology that allows organizations to map valid external addresses to private or unregistered internal addresses • Organizations can use NAT to allow many more people to access the Internet by sharing one or more valid public addresses • Static NAT involves mapping each internal IP address to a separately defined outside IP address • Dynamic NAT involves the mapping of inside addresses to a smaller pool of outside addresses
  • 39. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 39 Summary (continued) • PAT allows an organization to map more than one internal private IP address to a single outside IP address by using port numbers to identify the separate connections • The Domain Name Service (DNS) is used to provide an IP address-to-name mapping so that users can refer to hosts by name rather than address
  • 40. CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 40 Summary (continued) • The Dynamic Host Configuration Protocol provides IP configuration information such as address, subnet mask, default-gateway, DNS and WINS server location, and domain name to hosts on the network • SDM is a Web-enabled Cisco product that allows advanced router configuration without using the command-line interface