How to configure Cisco NAT ? Easily Method

How to configure Cisco NAT ? Configure step-by-step

Hello everyone. Today we will talk about how to configure Cisco NAT. What is NAT and why is it needed at all since this functionality has long and tightly entered our everyday lives and now it is very difficult to imagine at least one enterprise that would not use this technology? At one time, she saved the Internet and greatly delayed the transition from IPv4 to IPv6, but first things first.

What is NAT?

NAT ( Network Address Translation ) is a network address translation mechanism. If simple, it is a technology that allows a bunch of private or gray IP addresses to sit behind one white IP address. An example is the office Internet, where all users sit through a common gateway, on which an ip address is configured that goes to the Internet, and users have local ip addresses configured.

It looks approximately like this.

Types of NAT

Static NAT-converting gray IP to white, an example of port forwarding to a local network, for example, RDP
Dynamic NAT-transformation of gray ip into one of the ip addresses of a group of white ip addresses
Overloaded NAT, or as it is also called, PAT (port address translation), converts several gray ip addresses to white, giving them different ports.

Today we will look at static NAT and PAT.

Configure Cisco NAT

This is what a small office layout looks like. We have 3 computers in vlan 2. There is a server in a separate vlan 3. All this stuff is connected to a Cisco 2660 second-level switch, which in turn is plugged into a Cisco 1841 router that routes local traffic between vlan 2 and 3.

Configuration of the Cisco 2960

Let’s create vlan 2 and vlan 3, give them names, and configure the necessary ports for these vlans.

enable
conf t
create vlan 2
vlan 2
name VLAN2
exit
create vlan 3
vlan 3
name VLAN3
exit put
ports in vlan2
int range fa0/1-3
switchport mode access
switchport access vlan 2
exit
put port in vlan3
int fa 0/4
switchport mode access
switchport access vlan 3
exit

now configure fa 0/5 as a trunk port

int fa 0/5
switchport mode trunk
switchport trunk allowed vlan 2.3
do wr mem

Next, we configure the Cisco 1841 router.

Cisco 1841 Configuration

First of all, let’s create sub interfaces and raise the port.

enable
conf t
int fa0/0
no shutdown
exit

int fa0/0.2
encapsulation dot1Q 2
ip address 192.168.2.251 255.255.255.0
no shutdown
exit

int fa0/0.3
encapsulation dot1Q 3
ip address 192.168.3.251 255.255.255.0
no shutdown
exit

ip routing

As a result, the port turned green

PAT setup

In my virtual infrastructure, unfortunately, our scheme cannot be released to the Internet, we emulate it, we will have a router with a white ip address and a server also with a white ip address. Schematically, it looks like this. On the provider’s router, a white ip address 213.235.1.1 and a netmask 255.255.255.252 are assigned on a specific port

Let’s configure this ip on our test provider router.

en
conf t
int fa0/0
ip address 213.235.1.1 255.255.255.252
no shutdown
exit

configure port fa0/1 which we look at the server, and set it to another white ip 213.235.1.25 255.255.255.252

int fa0/1
ip address 213.235.1.25 255.255.255.252
no shutdown
exit

My server will have an ip address of 213.235.1.26 and the gateway will be 213.235.1.25, the router interface of the provider looking at the server.

Now we will configure our local router Router0, configure the white ip address allocated to us by the provider 213.235.1.2 255.255.255.252, the gateway will be 213.235.1.1

enable
conf t
int fa0/1
ip address 213.235.1.2 255.255.255.252
no shutdown
exit
ip route 0.0.0.0 0.0.0.0 213.235.1.1
exit
wr mem

We try to ping the ip addresses of the provider and server from the office router, and we see that everything works fine.

Router#ping 213.235.1.1