Tuesday, January 19, 2016

Lab 2-2 Port Address Translation




Lab pre-requisites:
Lab 2-1 Packet Tracer Topology Download.

Topology Diagram


Connecting a LAN to the Internet requires a little thought, as there are a few ways of doing it. Here we are going to explore three of them:
  • Static NAT (one-to-one translation)
  • Dynamic NAT (many-to-many translation)
  • Dynamic NAT Overload or PAT (many-to-one translation)
Task 1: Defining static IP addresses and setting a static default route.
Task 2: Configure NAT.
Task 3: Configure PAT.

Port Address Translation
(NAT Overload)
Solution

Neither Dynamic NAT nor PAT (Port Address Translation) is used to allow users on the Internet to access local resources. Both are designed to allow local users in a private address space to communicate on the Internet.

PAT is arguably the most popular way of connecting a private network to the Internet. Before we configure it, let's clean up the configuration from the previous lab:

On Branch Router:

Branch(config)#no ip nat inside source list 1 pool PUBLIC
Branch(config)#no ip nat pool PUBLIC 209.165.201.3 209.165.201.10 netmask 255.255.255.224

Branch(config)#

Now we're good to go with the PAT configuration.

Since everything is already configured except for the NAT command, let's add it (the ip nat inside source list 1 interface FastEthernet0/1 overload line):

interface FastEthernet0/0
ip address 10.1.1.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 209.165.201.1 255.255.255.224
ip nat outside
duplex auto
speed auto

!
ip nat inside source list 1 interface FastEthernet0/1 overload
!
ip route 0.0.0.0 0.0.0.0 209.165.201.2
!
ip flow-export version 9
!
!
access-list 1 permit 10.1.1.0 0.0.0.255
!

The advantage of this NAT method is that all your router needs is one public IP address configured on the interface facing the Internet. The layer 4 ports used by each conversation serve as the distinguishing element that allows the router to keep track of the existing sessions.
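
The session tracking described above, as an added example that is not part of the original lab: a small Python model of the translation table the Branch router keeps when overload is enabled. The inside hosts 10.1.1.10 and 10.1.1.11, the port numbers and the port-selection policy are assumptions made for illustration.

```python
# Simplified model of the PAT (NAT overload) translation table.
# Addresses follow the lab: inside 10.1.1.0/24, outside 209.165.201.1.
# Assumption: port selection (keep the source port, else first free port
# from 1024 up) is a simplification, not the exact IOS algorithm.
import ipaddress
from itertools import chain

INSIDE_NET = ipaddress.ip_network("10.1.1.0/24")  # access-list 1
OUTSIDE_IP = "209.165.201.1"                      # FastEthernet0/1


class PatTable:
    def __init__(self):
        self.by_inside = {}   # (proto, inside_ip, inside_port) -> outside port
        self.by_outside = {}  # (proto, outside_port) -> (inside_ip, inside_port)

    def translate_out(self, proto, src_ip, src_port):
        """Inside -> outside: return the (ip, port) seen on the Internet."""
        if ipaddress.ip_address(src_ip) not in INSIDE_NET:
            return None  # source not permitted by the ACL: no translation
        key = (proto, src_ip, src_port)
        if key not in self.by_inside:
            candidates = chain([src_port], range(1024, 65536))
            port = next((p for p in candidates
                         if (proto, p) not in self.by_outside), None)
            if port is None:
                raise RuntimeError("PAT port pool exhausted")
            self.by_inside[key] = port
            self.by_outside[(proto, port)] = (src_ip, src_port)
        return (OUTSIDE_IP, self.by_inside[key])

    def translate_in(self, proto, dst_port):
        """Outside -> inside: only sessions opened from inside have an entry."""
        return self.by_outside.get((proto, dst_port))  # None: no session


def demo():
    pat = PatTable()
    a = pat.translate_out("tcp", "10.1.1.10", 50000)  # constructed host/port
    b = pat.translate_out("tcp", "10.1.1.11", 50000)  # same source port as a
    reply_to_b = pat.translate_in("tcp", b[1])        # return traffic for b
    unsolicited = pat.translate_in("tcp", 80)         # nobody inside opened this
    return a, b, reply_to_b, unsolicited


if __name__ == "__main__":
    for result in demo():
        print(result)
```

Both inside hosts leave with the same public address; the second one is moved to a different outside port, which is what lets the router send each reply back to the right host. On the router itself, show ip nat translations lists the real entries.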