SlideShare a Scribd company logo

Day 17 nat and pat

Download as PPT, PDF
CYBERINTELLIGENTS
CYBERINTELLIGENTS

http://www.cyberintelligents.in info@cyberintelligents.in https://www.facebook.com/cyberintelligents https://in.linkedin.com/in/cyberintelligents/en https://cyberintelligents.wordpress.com/ http://cyberintelligent.blogspot.in +91 9876162698 +919988288019 http://trainingcyberintelligents.blogspot.com https://cyberintelligentsnews.wordpress.com/

Education
1 of 18
Managing IP Traffic with ACLs Scaling the Network with NAT and PAT
Outline • Overview • Introducing NAT and PAT • Translating Inside Source Addresses • Overloading an Inside Global Address • Verifying the NAT and PAT Configuration • Troubleshooting the NAT and PAT Configuration • Summary
Network Address Translation • An IP address is either local or global. • Local IP addresses are seen in the inside network.
Port Address Translation
Translating Inside Source Addresses
Configuring Static Translation • Establishes static translation between an inside local address and an inside global address Router(config)# ip nat inside source static local-ip global-ip • Marks the interface as connected to the inside Router(config-if)# ip nat inside • Marks the interface as connected to the outside Router(config-if)# ip nat outside
Enabling Static NAT Address Mapping Example
Configuring Dynamic Translation • Establishes dynamic source translation, specifying the ACL that was defined in the prior step. Router(config)# ip nat inside source list access-list-number pool name • Defines a pool of global addresses to be allocated as needed. Router(config)# ip nat pool name start-ip end-ip {netmask netmask | prefix-length prefix-length} • Defines a standard IP ACL permitting those inside local addresses that are to be translated. Router(config)# access-list access-list-number permit source [source-wildcard]
Dynamic Address Translation Example
Overloading an Inside Global Address
Configuring Overloading • Establishes dynamic source translation, specifying the ACL that was defined in the prior step Router(config)# ip nat inside source list access-list-number interface interface overload • Defines a standard IP ACL that will permit the inside local addresses that are to be translated Router(config)# access-list access-list-number permit source source-wildcard
Overloading an Inside Global Address Example
Clearing the NAT Translation Table • Clears a simple dynamic translation entry that contains an inside translation or both an inside and outside translation Router# clear ip nat translation inside global-ip local-ip [outside local-ip global-ip] • Clears all dynamic address translation entries Router# clear ip nat translation * • Clears a simple dynamic translation entry that contains an outside translation Router# clear ip nat translation outside local-ip global-ip • Clears an extended dynamic translation entry outer# clear ip nat translation protocol inside global-ip lobal-port local-ip local-port [outside local-ip ocal-port global-ip global-port]
• Displays translation statistics Router# show ip nat statistics • Displays active translations Router# show ip nat translations Router# show ip nat translation Pro Inside global Inside local Outside local Outside global --- 172.16.131.1 10.10.10.1 --- --- Router# show ip nat statistics Total active translations: 1 (1 static, 0 dynamic; 0 extended) Outside interfaces: Ethernet0, Serial2.7 Inside interfaces: Ethernet1 Hits: 5 Misses: 0 … Displaying Information with show Commands
Sample Problem: Cannot Ping Remote Host
Solution: New Configuration
Using the debug ip nat Command Router# debug ip nat NAT: s=192.168.1.95->172.31.233.209, d=172.31.2.132 [6825] NAT: s=172.31.2.132, d=172.31.233.209->192.168.1.95 [21852] NAT: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6826] NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23311] NAT*: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6827] NAT*: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6828] NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23313] NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23325]
Translation Not Installed in the Translation Table? Verify that: • The configuration is correct. • There are not any inbound ACLs denying the packets entry to the NAT router. • The ACL referenced by the NAT command is permitting all necessary networks. • There are enough addresses in the NAT pool. • The router interfaces are appropriately defined as NAT inside or NAT outside.

Recommended

Day 17.1 nat pat
Day 17.1 nat pat Day 17.1 nat pat
Day 17.1 nat pat CYBERINTELLIGENTS
 
NAT_Final
NAT_FinalNAT_Final
NAT_FinalPratik Bhide
 
Coal7 segmentation in Assembly Programming
Coal7 segmentation in Assembly ProgrammingCoal7 segmentation in Assembly Programming
Coal7 segmentation in Assembly ProgrammingMuhammad Taqi Hassan Bukhari
 
p4alu: Arithmetic Logic Unit in P4
p4alu: Arithmetic Logic Unit in P4p4alu: Arithmetic Logic Unit in P4
p4alu: Arithmetic Logic Unit in P4Kentaro Ebisawa
 
Homer metrics | LORENZO MANGANI Y FEDERICO CABIDDU - VoIP2DAY 2017
Homer metrics | LORENZO MANGANI Y FEDERICO CABIDDU - VoIP2DAY 2017Homer metrics | LORENZO MANGANI Y FEDERICO CABIDDU - VoIP2DAY 2017
Homer metrics | LORENZO MANGANI Y FEDERICO CABIDDU - VoIP2DAY 2017VOIP2DAY
 
20170925 onos and p4
20170925 onos and p420170925 onos and p4
20170925 onos and p4Yi Tseng
 
Troubleshoot tcp
Troubleshoot tcpTroubleshoot tcp
Troubleshoot tcpRicardo Nugas
 
Open MPI Explorations in Process Affinity (EuroMPI'13 presentation)
Open MPI Explorations in Process Affinity (EuroMPI'13 presentation)Open MPI Explorations in Process Affinity (EuroMPI'13 presentation)
Open MPI Explorations in Process Affinity (EuroMPI'13 presentation)Jeff Squyres
 

Recommended

Day 17.1 nat pat
Day 17.1 nat pat Day 17.1 nat pat
Day 17.1 nat pat CYBERINTELLIGENTS
 
NAT_Final
NAT_FinalNAT_Final
NAT_FinalPratik Bhide
 
Coal7 segmentation in Assembly Programming
Coal7 segmentation in Assembly ProgrammingCoal7 segmentation in Assembly Programming
Coal7 segmentation in Assembly ProgrammingMuhammad Taqi Hassan Bukhari
 
p4alu: Arithmetic Logic Unit in P4
p4alu: Arithmetic Logic Unit in P4p4alu: Arithmetic Logic Unit in P4
p4alu: Arithmetic Logic Unit in P4Kentaro Ebisawa
 
Homer metrics | LORENZO MANGANI Y FEDERICO CABIDDU - VoIP2DAY 2017
Homer metrics | LORENZO MANGANI Y FEDERICO CABIDDU - VoIP2DAY 2017Homer metrics | LORENZO MANGANI Y FEDERICO CABIDDU - VoIP2DAY 2017
Homer metrics | LORENZO MANGANI Y FEDERICO CABIDDU - VoIP2DAY 2017VOIP2DAY
 
20170925 onos and p4
20170925 onos and p420170925 onos and p4
20170925 onos and p4Yi Tseng
 
Troubleshoot tcp
Troubleshoot tcpTroubleshoot tcp
Troubleshoot tcpRicardo Nugas
 
Open MPI Explorations in Process Affinity (EuroMPI'13 presentation)
Open MPI Explorations in Process Affinity (EuroMPI'13 presentation)Open MPI Explorations in Process Affinity (EuroMPI'13 presentation)
Open MPI Explorations in Process Affinity (EuroMPI'13 presentation)Jeff Squyres
 
Dynamic NAT
Dynamic NATDynamic NAT
Dynamic NATNetProtocol Xpert
 
Static NAT
Static NATStatic NAT
Static NATNetProtocol Xpert
 
2016 NCTU P4 Workshop
2016 NCTU P4 Workshop2016 NCTU P4 Workshop
2016 NCTU P4 WorkshopYi Tseng
 
zebra & openconfigd Introduction
zebra & openconfigd Introductionzebra & openconfigd Introduction
zebra & openconfigd IntroductionKentaro Ebisawa
 
162 15-768
162 15-768162 15-768
162 15-768faisal123000
 
Максим Харченко. Erlang lincx
Максим Харченко. Erlang lincxМаксим Харченко. Erlang lincx
Максим Харченко. Erlang lincxAlina Dolgikh
 
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime
 
DIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeDIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeMyNOG
 
Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...
Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...
Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...telestax
 
Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Alejandro Salinas
 
Hands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesHands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesCisco Canada
 
Hands-on Experience with IPv6 Routing and Switching
Hands-on Experience with IPv6 Routing and Switching Hands-on Experience with IPv6 Routing and Switching
Hands-on Experience with IPv6 Routing and Switching Cisco Canada
 
IPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi PaletIPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi PaletРегистар националног Интернет домена Србије - РНИДС
 
Network address translations
Network address translations Network address translations
Network address translations Shahzad shareef
 
IPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi PaletIPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi PaletРегистар националног Интернет домена Србије - РНИДС
 
Part 11 : Interdomain routing with BGP
Part 11 : Interdomain routing with BGPPart 11 : Interdomain routing with BGP
Part 11 : Interdomain routing with BGPOlivier Bonaventure
 
Interior Routing Protocols
Interior Routing ProtocolsInterior Routing Protocols
Interior Routing ProtocolsKHNOG
 
PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...
PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...
PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...PROIDEA
 
[Webinar Slides] Programming the Network Dataplane in P4
[Webinar Slides] Programming the Network Dataplane in P4[Webinar Slides] Programming the Network Dataplane in P4
[Webinar Slides] Programming the Network Dataplane in P4Open Networking Summits
 
Introduction to DPDK RIB library
Introduction to DPDK RIB libraryIntroduction to DPDK RIB library
Introduction to DPDK RIB libraryГлеб Хохлов
 
NAT and PAT
NAT and PATNAT and PAT
NAT and PATMuuluu
 
NAT Ccna
NAT CcnaNAT Ccna
NAT Ccnasinghsukdeep
 

More Related Content

What's hot

2016 NCTU P4 Workshop
2016 NCTU P4 Workshop2016 NCTU P4 Workshop
2016 NCTU P4 WorkshopYi Tseng
 
zebra & openconfigd Introduction
zebra & openconfigd Introductionzebra & openconfigd Introduction
zebra & openconfigd IntroductionKentaro Ebisawa
 
Максим Харченко. Erlang lincx
Максим Харченко. Erlang lincxМаксим Харченко. Erlang lincx
Максим Харченко. Erlang lincxAlina Dolgikh
 
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime
 
DIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeDIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeMyNOG
 
Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...
Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...
Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...telestax
 
Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Alejandro Salinas
 
Hands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesHands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesCisco Canada
 
Hands-on Experience with IPv6 Routing and Switching
Hands-on Experience with IPv6 Routing and Switching Hands-on Experience with IPv6 Routing and Switching
Hands-on Experience with IPv6 Routing and Switching Cisco Canada
 
Network address translations
Network address translations Network address translations
Network address translations Shahzad shareef
 
Part 11 : Interdomain routing with BGP
Part 11 : Interdomain routing with BGPPart 11 : Interdomain routing with BGP
Part 11 : Interdomain routing with BGPOlivier Bonaventure
 
Interior Routing Protocols
Interior Routing ProtocolsInterior Routing Protocols
Interior Routing ProtocolsKHNOG
 
PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...
PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...
PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...PROIDEA
 
[Webinar Slides] Programming the Network Dataplane in P4
[Webinar Slides] Programming the Network Dataplane in P4[Webinar Slides] Programming the Network Dataplane in P4
[Webinar Slides] Programming the Network Dataplane in P4Open Networking Summits
 

What's hot (20)

Dynamic NAT
Dynamic NATDynamic NAT
Dynamic NAT
 
Static NAT
Static NATStatic NAT
Static NAT
 
2016 NCTU P4 Workshop
2016 NCTU P4 Workshop2016 NCTU P4 Workshop
2016 NCTU P4 Workshop
 
zebra & openconfigd Introduction
zebra & openconfigd Introductionzebra & openconfigd Introduction
zebra & openconfigd Introduction
 
162 15-768
162 15-768162 15-768
162 15-768
 
Максим Харченко. Erlang lincx
Максим Харченко. Erlang lincxМаксим Харченко. Erlang lincx
Максим Харченко. Erlang lincx
 
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
 
DIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeDIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL Lee
 
Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...
Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...
Mobicents Summit 2012 - Vladimir Ralev - Mobicents Load Balancer and High Ava...
 
Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)
 
Hands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesHands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and Services
 
Hands-on Experience with IPv6 Routing and Switching
Hands-on Experience with IPv6 Routing and Switching Hands-on Experience with IPv6 Routing and Switching
Hands-on Experience with IPv6 Routing and Switching
 
IPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi PaletIPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi Palet
 
Network address translations
Network address translations Network address translations
Network address translations
 
IPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi PaletIPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi Palet
 
Part 11 : Interdomain routing with BGP
Part 11 : Interdomain routing with BGPPart 11 : Interdomain routing with BGP
Part 11 : Interdomain routing with BGP
 
Interior Routing Protocols
Interior Routing ProtocolsInterior Routing Protocols
Interior Routing Protocols
 
PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...
PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...
PLNOG14: Waltzing on that gentle trade‐off between internet routes and FIB sp...
 
[Webinar Slides] Programming the Network Dataplane in P4
[Webinar Slides] Programming the Network Dataplane in P4[Webinar Slides] Programming the Network Dataplane in P4
[Webinar Slides] Programming the Network Dataplane in P4
 
Introduction to DPDK RIB library
Introduction to DPDK RIB libraryIntroduction to DPDK RIB library
Introduction to DPDK RIB library
 

Similar to Day 17 nat and pat

NAT and PAT
NAT and PATNAT and PAT
NAT and PATMuuluu
 
How to configure static nat on cisco routers
How to configure static nat on cisco routersHow to configure static nat on cisco routers
How to configure static nat on cisco routersIT Tech
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9Waqas Ahmed Nawaz
 
NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)Netwax Lab
 
CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9Chaing Ravuth
 
NAT- Network Address Translation
NAT- Network Address TranslationNAT- Network Address Translation
NAT- Network Address TranslationEng. Emad Al-Atoum
 
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity3Anetwork com
 
Module (10) NAT for IPV4.pptx
Module (10) NAT for IPV4.pptxModule (10) NAT for IPV4.pptx
Module (10) NAT for IPV4.pptxGeorgeThoreJr
 
Chapter11ccna
Chapter11ccnaChapter11ccna
Chapter11ccnarobertoxe
 
Topic 5 nx os management-ver 0.2
Topic 5 nx os management-ver 0.2Topic 5 nx os management-ver 0.2
Topic 5 nx os management-ver 0.2Krunal Shah
 
Chapter 5-Network Address Translation.pdf
Chapter 5-Network Address Translation.pdfChapter 5-Network Address Translation.pdf
Chapter 5-Network Address Translation.pdfBuntha Chhay
 

Similar to Day 17 nat and pat (20)

NAT and PAT
NAT and PATNAT and PAT
NAT and PAT
 
NAT Ccna
NAT CcnaNAT Ccna
NAT Ccna
 
How to configure static nat on cisco routers
How to configure static nat on cisco routersHow to configure static nat on cisco routers
How to configure static nat on cisco routers
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
 
NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)
 
Day 17.1 nat pat (2)
Day 17.1 nat pat (2)Day 17.1 nat pat (2)
Day 17.1 nat pat (2)
 
Nat
NatNat
Nat
 
Icnd210 s07l01
Icnd210 s07l01Icnd210 s07l01
Icnd210 s07l01
 
Nat pat
Nat patNat pat
Nat pat
 
CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9
 
Nat 07
Nat 07Nat 07
Nat 07
 
Nat
NatNat
Nat
 
NAT- Network Address Translation
NAT- Network Address TranslationNAT- Network Address Translation
NAT- Network Address Translation
 
Nat 03
Nat 03Nat 03
Nat 03
 
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
Configuring a Cisco Router as a PPPoE Client for DSL Connectivity
 
Module (10) NAT for IPV4.pptx
Module (10) NAT for IPV4.pptxModule (10) NAT for IPV4.pptx
Module (10) NAT for IPV4.pptx
 
Chapter11ccna
Chapter11ccnaChapter11ccna
Chapter11ccna
 
Chapter11ccna
Chapter11ccnaChapter11ccna
Chapter11ccna
 
Topic 5 nx os management-ver 0.2
Topic 5 nx os management-ver 0.2Topic 5 nx os management-ver 0.2
Topic 5 nx os management-ver 0.2
 
Chapter 5-Network Address Translation.pdf
Chapter 5-Network Address Translation.pdfChapter 5-Network Address Translation.pdf
Chapter 5-Network Address Translation.pdf
 

More from CYBERINTELLIGENTS

Stp premdeep gill-lu045310-14aug12
Stp premdeep gill-lu045310-14aug12Stp premdeep gill-lu045310-14aug12
Stp premdeep gill-lu045310-14aug12CYBERINTELLIGENTS
 
Stp premdeep gill-lu045310-14aug12
Stp premdeep gill-lu045310-14aug12Stp premdeep gill-lu045310-14aug12
Stp premdeep gill-lu045310-14aug12CYBERINTELLIGENTS
 
Day 25 cisco ios router configuration
Day 25 cisco ios router configurationDay 25 cisco ios router configuration
Day 25 cisco ios router configurationCYBERINTELLIGENTS
 

More from CYBERINTELLIGENTS (20)

Wide area networks
Wide area networksWide area networks
Wide area networks
 
Switching
SwitchingSwitching
Switching
 
Switching
SwitchingSwitching
Switching
 
Stp premdeep gill-lu045310-14aug12
Stp premdeep gill-lu045310-14aug12Stp premdeep gill-lu045310-14aug12
Stp premdeep gill-lu045310-14aug12
 
Stp premdeep gill-lu045310-14aug12
Stp premdeep gill-lu045310-14aug12Stp premdeep gill-lu045310-14aug12
Stp premdeep gill-lu045310-14aug12
 
Routerfundaments gurwinder
Routerfundaments gurwinderRouterfundaments gurwinder
Routerfundaments gurwinder
 
Rip 1 rip 2
Rip 1 rip 2Rip 1 rip 2
Rip 1 rip 2
 
Ospf new
Ospf newOspf new
Ospf new
 
Nat config
Nat configNat config
Nat config
 
Ipv6^ new
Ipv6^ newIpv6^ new
Ipv6^ new
 
Ip addressing...
Ip addressing... Ip addressing...
Ip addressing...
 
Ip address
Ip address Ip address
Ip address
 
Igrp
IgrpIgrp
Igrp
 
Frame relay
Frame relayFrame relay
Frame relay
 
Eigrp new
Eigrp newEigrp new
Eigrp new
 
Day 25 cisco ios router configuration
Day 25 cisco ios router configurationDay 25 cisco ios router configuration
Day 25 cisco ios router configuration
 
Day 22 _ ppp
Day 22 _ ppp Day 22 _ ppp
Day 22 _ ppp
 
Day 20.i pv6 lab
Day 20.i pv6 labDay 20.i pv6 lab
Day 20.i pv6 lab
 
Day 20.3 frame relay
Day 20.3 frame relay Day 20.3 frame relay
Day 20.3 frame relay
 
Day 20.2 frame relay
Day 20.2 frame relay Day 20.2 frame relay
Day 20.2 frame relay
 

Recently uploaded

Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingTeacherCyreneCayanan
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024Janet Corral
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpinRaunakKeshri1
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...PsychoTech Services
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 

Recently uploaded (20)

Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 

Day 17 nat and pat

  • 1. Managing IP Traffic with ACLs Scaling the Network with NAT and PAT
  • 2. Outline • Overview • Introducing NAT and PAT • Translating Inside Source Addresses • Overloading an Inside Global Address • Verifying the NAT and PAT Configuration • Troubleshooting the NAT and PAT Configuration • Summary
  • 3. Network Address Translation • An IP address is either local or global. • Local IP addresses are seen in the inside network.
  • 6. Configuring Static Translation • Establishes static translation between an inside local address and an inside global address Router(config)# ip nat inside source static local-ip global-ip • Marks the interface as connected to the inside Router(config-if)# ip nat inside • Marks the interface as connected to the outside Router(config-if)# ip nat outside
  • 7. Enabling Static NAT Address Mapping Example
  • 8. Configuring Dynamic Translation • Establishes dynamic source translation, specifying the ACL that was defined in the prior step. Router(config)# ip nat inside source list access-list-number pool name • Defines a pool of global addresses to be allocated as needed. Router(config)# ip nat pool name start-ip end-ip {netmask netmask | prefix-length prefix-length} • Defines a standard IP ACL permitting those inside local addresses that are to be translated. Router(config)# access-list access-list-number permit source [source-wildcard]
  • 10. Overloading an Inside Global Address
  • 11. Configuring Overloading • Establishes dynamic source translation, specifying the ACL that was defined in the prior step Router(config)# ip nat inside source list access-list-number interface interface overload • Defines a standard IP ACL that will permit the inside local addresses that are to be translated Router(config)# access-list access-list-number permit source source-wildcard
  • 12. Overloading an Inside Global Address Example
  • 13. Clearing the NAT Translation Table • Clears a simple dynamic translation entry that contains an inside translation or both an inside and outside translation Router# clear ip nat translation inside global-ip local-ip [outside local-ip global-ip] • Clears all dynamic address translation entries Router# clear ip nat translation * • Clears a simple dynamic translation entry that contains an outside translation Router# clear ip nat translation outside local-ip global-ip • Clears an extended dynamic translation entry outer# clear ip nat translation protocol inside global-ip lobal-port local-ip local-port [outside local-ip ocal-port global-ip global-port]
  • 14. • Displays translation statistics Router# show ip nat statistics • Displays active translations Router# show ip nat translations Router# show ip nat translation Pro Inside global Inside local Outside local Outside global --- 172.16.131.1 10.10.10.1 --- --- Router# show ip nat statistics Total active translations: 1 (1 static, 0 dynamic; 0 extended) Outside interfaces: Ethernet0, Serial2.7 Inside interfaces: Ethernet1 Hits: 5 Misses: 0 … Displaying Information with show Commands
  • 17. Using the debug ip nat Command Router# debug ip nat NAT: s=192.168.1.95->172.31.233.209, d=172.31.2.132 [6825] NAT: s=172.31.2.132, d=172.31.233.209->192.168.1.95 [21852] NAT: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6826] NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23311] NAT*: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6827] NAT*: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6828] NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23313] NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23325]
  • 18. Translation Not Installed in the Translation Table? Verify that: • The configuration is correct. • There are not any inbound ACLs denying the packets entry to the NAT router. • The ACL referenced by the NAT command is permitting all necessary networks. • There are enough addresses in the NAT pool. • The router interfaces are appropriately defined as NAT inside or NAT outside.