ACCESO A LA WAN (MOD4 - CISCO)

ERLN IVN BURITIC LPEZ

UNIVERSIDAD NACIONAL ABIERTA Y A DISTANCIA - UNAD

ESCUELA DE CIENCIAS BSICAS TECNOLOGA E INGENIERA
INGENIERA DE TELECOMUNICACIONES
ACCESO A LA WAN (MOD4 - CISCO)
SANTIAGO DE CALI
2016
 ACCESO A LA WAN (MOD4 CISCO)
5.2.1.4 Packet Tracer - Configuring Static NAT

ERLN IVN BURITIC LPEZ

TUTORA: INGENIERA NANCY AMPARO GUACA

UNIVERSIDAD NACIONAL ABIERTA Y A DISTANCIA - UNAD

ESCUELA DE CIENCIAS BSICAS TECNOLOGA E INGENIERA
INGENIERA DE TELECOMUNICACIONES
ACCESO A LA WAN (MOD4 - CISCO)
SANTIAGO DE CALI
2016
 5.2.1.4 Packet Tracer - Configuring Static NAT

TOPOLOGIA

Objectives
Part 1: Test Access without NAT
Part 2: Configure Static NAT
Part 3: Test Access with NAT
Scenario

In IPv4 configured networks, clients and servers use private addressing. Before
packets with private addressing can cross then Internet, they need to be translated
to public addressing. Servers that are accessed from outside the organization are
usually assigned both a public and a private static IP address. In this activity, you
will configure static NAT so that outside devices can access and inside server at its
public address.

Part 1: Test Access without NAT

Step 1: Attempt to connect to Server1 using Simulation Mode.
a. From PC1 or L1, attempt to connect to the Server1 web page at
172.16.16.1. Use the Web Browser to browse Server1 at 172.16.16.1. The
attempts should fail.

En este punto realizamos la solicitud desde el equipo PC1 tenido un Timeout

 b. From PC1, ping the R1 S0/0/0 interface. The ping should succeed.

Se realiza ping desde el PC1 a la interface serial 0/0/0 del R1 la cual tiene ip
209.165.128.130 donde la respuesta a la interface es exitosa.

interface Serial0/0/0
ip address 209.165.128.130 255.255.255.248
clock rate 2000000

Step 2: View R1 routing table and running-config.

 a. View the running configuration of R1. Note that there are no commands
referring to NAT.

Vamos a verificar la configuracin R1 con el siguiente comando esto con la

finalidad de ver si hay alguna configuracin en las tablas NAT
#show run
Con el anterior comendo se puede ver la configuracin global
#show ip nat translation
Y con este comando no se ven translation Nat porque no estn configuradas.

b. Verify that the routing table does not contain entries referring to the IP
addresses used by PC1 and L1.
c. R1#show ip route
d. Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
e. D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
f. N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
g. E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
h. i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
i. * - candidate default, U - per-user static route, o - ODR
j. P - periodic downloaded static route
k.
l. Gateway of last resort is not set
m.
n. 172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
o. C 172.16.16.0/28 is directly connected, GigabitEthernet0/0
p. L 172.16.16.14/32 is directly connected, GigabitEthernet0/0
q. 209.165.128.0/24 is variably subnetted, 2 subnets, 2 masks
r. C 209.165.128.128/29 is directly connected, Serial0/0/0
s. L 209.165.128.130/32 is directly connected, Serial0/0/0
Las anteriores Son las redes y de acuerdo a la informacin de las redes

PC1 y L1 10.0.37.0 Y 192.168.195.0 no estn en esta lista.

c. Verify that NAT is not being used by R1.

R1# show ip nat translations

Al dar el siguiente comando no se ven translations

Al ver que este no tiene las configuraciones respetivas procedemos a realizarlas

Part 2: Configure Static NAT

Step 1: Configure static NAT statements.

Refer to the Topology. Create a static NAT translation to map the Server1 inside
address to its outside address. Este comando asocio la ip privada de nuestro
equipo con la publica.

R1>
R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ip nat inside source static 172.16.16.1 64.100.50.1
R1(config)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#copy r
R1#copy running-config s
R1#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
R1#

Step 2: Configure interfaces.

Configure the correct inside and outside interfaces.

R1#
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface g0/0
R1(config-if)#ip nat inside
R1(config-if)#exit
R1(config)#interface s0/0/0
R1(config-if)#ip nat outside
R1(config-if)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
R1#

Part 3: Test Access with NAT

Step 1: Verify connectivity to the Server1 web page.

a. Open the command prompt on PC1 or L1, attempt to ping the public
address for Server1. Pings should succeed.
Realizando el ping tenemos respuesta exitosa
 b. Verify that both PC1 and L1 can now access the Server1 web page.

Ya tenemos conexin lego de haber realizado las configuraciones

Step 2: View NAT translations.

Use the following commands to verify the static NAT configuration:

Podemos ver la configuraciones de las interfaces y de las tablas NAT

#show running-config

interface GigabitEthernet0/0
ip address 172.16.16.14 255.255.255.240
ip nat inside
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface GigabitEthernet0/2
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
ip address 209.165.128.130 255.255.255.248
ip nat outside
clock rate 2000000
!
interface Serial0/0/1
no ip address
clock rate 2000000
shutdown
!
interface Vlan1
no ip address
shutdown
!
ip nat inside source static 172.16.16.1 64.100.50.1
ip classless

#show ip nat translations

Podemos ver que translation esta realizando desde donde viene hasta donde
debe llegar

R1#show ip nat translations

Pro Inside global Inside local Outside local Outside global
tcp 64.100.50.1:80 172.16.16.1:80 209.165.128.129:1027209.165.128.129:1027
--- 64.100.50.1 172.16.16.1 --- ---
R1#

#show ip nat statistics

Este comando muestra la cantidad de nat que se estn realizado y con qu

interfaces.

R1#show ip nat statistics

Total translations: 2 (1 static, 1 dynamic, 1 extended)
Outside Interfaces: Serial0/0/0
Inside Interfaces: GigabitEthernet0/0
Hits: 10 Misses: 5
Expired translations: 4
Dynamic mappings:
R1#
Conclusiones

Los ejemplos de este documento muestran que los pasos de inicio rpido
Pueden ayudarle a configurar y desplegar NAT. Dichos pasos de inicio rpido
incluyen:

Definicin de NAT dentro y fuera de las interfaces.

Definicin de lo que est tratando de lograr con NAT.

Configuracin de NAT para poder lograr lo que defini.

Verificacin del funcionamiento de NAT

 Bibliografia

CAMPUS VIRTUAL UNAD: ENTRAR AL SITIO

En el texto: (Campus14.unad.edu.co, 2016)
Bibliografa: Campus14.unad.edu.co. (2016). Campus Virtual UNAD: Entrar al sitio.
[online] Available at: http://campus14.unad.edu.co/ecbti09/mod/forum/discuss.php?
d=3949

CISCO SECURITY APPLIANCE COMMAND LINE CONFIGURATION GUIDE,

VERSION 8.0 - CONFIGURING NAT [CISCO ASA 5500-X SERIES FIREWALLS]
En el texto: (Cisco, 2016)
Bibliografa: Cisco. (2016). Cisco Security Appliance Command Line Configuration
Guide, Version 8.0 - Configuring NAT [Cisco ASA 5500-X Series Firewalls]. [online]
Available at:
http://www.cisco.com/c/en/us/td/docs/security/asa/asa80/configuration/guide/conf_
gd/cfgnat.html