Chapter 8 : Lab 8.4.3 Configuring an ACL with NAT

Step 1: Connect the equipment

a. Connect the Serial 0/0/0 interface of Router 1 to the Serial 0/0/0 interface of Router 2 using a serial

cable as shown in the diagram and addressing table.

b. Connect the Fa0/0 interface of Router 1 to the Fa0/1 port of Switch 1 using a straight-through cable.

c. Connect each PC with a console cable to perform configurations on the router and switches.

d. Connect Host 1 to the Fa0/2 port of Switch 1 using a straight-through cable.

e. Connect Host 2 to the Fa0/3 port of Switch 1 using a straight-through cable.

Step 2: Perform basic configuration on Router 1

a. Connect a PC to the console port of the router to perform configurations using a terminal emulation

program.

b. Configure Router 1 with a hostname, interfaces, console, Telnet, IP addresses, and privileged

passwords according to the addressing table and topology diagram. Save the configuration.

Step 3: Perform basic configuration on Router 2

Perform basic configuration on Router 1 as the gateway router with a hostname, interfaces, console, Telnet,

and privileged passwords according to the addressing table and topology diagram. Save the configuration.

Step 4: Perform basic configuration on Switch 1

a. Configure Switch 1 with a hostname and console, telnet and privileged passwords according to the

table and topology diagram.

Step 5: Configure the hosts with IP address, subnet mask, and default gateway

a. Configure each host with the proper IP address, subnet mask, and default gateway.

b. Each workstation should be able to ping the attached router. If the ping was not successful,

troubleshoot as necessary. Check and verify that the workstation has been assigned a specific IP

address and default gateway.

Step 6: Configure static and default routes on the routers

a. Configure a static route on router R2 to reach the private network on R1. Use the next hop interface

on R1 as the path.

R2(config)#ip route 192.168.1.0 255.255.255.0 209.165.201.1

b. Configure a default route on router R1 to forward any unknown destination traffic to the next hop

interface on R2.

R1(config)#ip route 0.0.0.0 0.0.0.0 209.165.201.2

Step 7: Verify that the network is functioning

a. From the attached hosts, ping the FastEthernet interface of the default gateway router.

Was the ping from Host 1 successful? Yes

Was the ping from Host 2 successful? Yes

If the answer is no for either question, troubleshoot the router and host configurations to find the error.

Ping again until they are both successful.

b. From each host, ping the Serial 0/0/0 interface of R2.

Each ping should be successful. If it is not, troubleshoot the static and default route configurations to

find the error. Ping again until they are both successful.

Step 8: Configure NAT and PAT on R1

a. Define an access list that matches the inside private IP addresses.

R1(config)#access-list 1 permit 192.168.1.0 0.0.0.255

b. Define the PAT translation from inside the list to outside.

R1(config)#ip nat inside source list 1 interface s0/0/0 overload

c. Specify the interfaces.

R1(config)#interface fastethernet 0/0

R1(config-if)#ip nat inside

R1(config-if)#exit

R1(config)#interface serial 0/0/0

R1(config-if)#ip nat outside

Where will the private IP address of a host be translated? ___________________________

__________________________________ At R1’s serial 0/0/0 interface

Step 9: Test and verify the configuration

a. Ping PC2 from PC1.

Was it successful? ________ Yes

b. Ping the serial interface on R2 from PC1 and PC2.

Was it successful? Yes

c. Verify that NAT translations are taking place by using the command show ip nat translations

(a sample output is shown).



Tinggalkan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s