In this example we will do Cisco IOS NAT Overload Configuration Example.
Here is the topology for this example:
We assume that R2 is a edge router between inside(R1) and outside(R3).
R1 will initiate connections by using its both Loopback0 and F0/0 IP addresses.
R2 will do source IP address Network Address translation.R2 will translate source IP addresses to its Loopback0 IP address(10.10.10.2).
Here is the configuration of R2
interface loopback 0
ip address 10.10.10.2 255.255.255.255
interface f0/1
ip address 10.10.23.2 255.255.255.0
ip nat outside
interface f0/0
ip address 10.10.12.2 255.255.255.0
ip nat inside
access-list 1 permit 10.10.12.0 0.0.0.255
access-list 1 permit host 10.10.10.1
ip nat inside source list 1 interface loopback0 overload
Lets test the connection from R1
R1#ping 10.10.10.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.3, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 48/70/96 ms
R1#ping 10.10.10.3 source 10.10.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.3, timeout is 2 seconds:
Packet sent with a source address of 10.10.10.1
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 48/62/76 ms
R1#telnet 10.10.10.3
Trying 10.10.10.3 ... Open
User Access Verification
Password:
R3>en
Password:
R3#exit
R1#telnet 10.10.10.3 80
Trying 10.10.10.3, 80 ... Open
Lets check the NAT table from R2:
R2#show ip nat trans
Pro Inside global Inside local Outside local Outside global
icmp 10.10.10.2:5 10.10.10.1:5 10.10.10.3:5 10.10.10.3:5
icmp 10.10.10.2:4 10.10.12.1:4 10.10.10.3:4 10.10.10.3:4
tcp 10.10.10.2:30913 10.10.12.1:30913 10.10.10.3:80 10.10.10.3:80
tcp 10.10.10.2:32817 10.10.12.1:32817 10.10.10.3:23 10.10.10.3:23
tcp 10.10.10.2:37510 10.10.12.1:37510 10.10.10.3:23 10.10.10.3:23
Here is the topology for this example:
We assume that R2 is a edge router between inside(R1) and outside(R3).
R1 will initiate connections by using its both Loopback0 and F0/0 IP addresses.
R2 will do source IP address Network Address translation.R2 will translate source IP addresses to its Loopback0 IP address(10.10.10.2).
Here is the configuration of R2
interface loopback 0
ip address 10.10.10.2 255.255.255.255
interface f0/1
ip address 10.10.23.2 255.255.255.0
ip nat outside
interface f0/0
ip address 10.10.12.2 255.255.255.0
ip nat inside
access-list 1 permit 10.10.12.0 0.0.0.255
access-list 1 permit host 10.10.10.1
ip nat inside source list 1 interface loopback0 overload
Lets test the connection from R1
R1#ping 10.10.10.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.3, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 48/70/96 ms
R1#ping 10.10.10.3 source 10.10.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.3, timeout is 2 seconds:
Packet sent with a source address of 10.10.10.1
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 48/62/76 ms
R1#telnet 10.10.10.3
Trying 10.10.10.3 ... Open
User Access Verification
Password:
R3>en
Password:
R3#exit
R1#telnet 10.10.10.3 80
Trying 10.10.10.3, 80 ... Open
Lets check the NAT table from R2:
R2#show ip nat trans
Pro Inside global Inside local Outside local Outside global
icmp 10.10.10.2:5 10.10.10.1:5 10.10.10.3:5 10.10.10.3:5
icmp 10.10.10.2:4 10.10.12.1:4 10.10.10.3:4 10.10.10.3:4
tcp 10.10.10.2:30913 10.10.12.1:30913 10.10.10.3:80 10.10.10.3:80
tcp 10.10.10.2:32817 10.10.12.1:32817 10.10.10.3:23 10.10.10.3:23
tcp 10.10.10.2:37510 10.10.12.1:37510 10.10.10.3:23 10.10.10.3:23
No comments:
Post a Comment