E VOUS PROPOSE CECI ==================== interface ethernet 1 ip address 192.1.90.111 255.255.255.0 ip nat inside !

--- definit l interface interne suppos etre Ethernet 1 avec une adresse IP et un interface NAT inside . interface ethernet 0 ip address 192.1.91.222 255.255.255.0 ip nat outside !--- Definit l interface externe suppos etre Ethernet 0 avec une adresse IP et un interface NAT outside.

ip nat pool nooverload 192.1.91.1 192.1.91.110 prefix 24 !--- Definit la plage d adresses pour le nat , NAT pool nomm nooverload avec une plage d adresses !--- 192.1.91.1 - 192.1.91.110

ip nat inside source list 7 pool nooverload !--- Indique que les paquets recus sur l interface inside interface qui !--- sont autoriss par l acl access-list 7 !--- auront leurs adresses nates selon la plage d adresses !--- NAT pool "nooverload".

access-list 7 permit 192.1.90.0 0.0.0.100 ou (0.0.0.255 por toutes les adresses) !--- l Access-list 7 permet de nater les paquets avec adresses sources allant de !--- 192.1.90.0 through 192.1.90.100

NAT, Network Address Translation in simple terms translates an IP address into another. Network Address Translation is of different types like Static NAT (One to One) Dynamic NAT (Many to Many) Overloading (Many to One) We will focus on Overloading form of NAT. This is called as Port Address Translation (PAT) or even Network Address Port Translation (NAPT). NAT Overloading translates many private IP addresses from a Local Area Network (LAN) onto a single registered legal Public IP address. Here, the source IP and the source port gets translated to the Public IP and a different source port. Typical network configuration would be on an Internet Router which enables all the hosts in the LAN to connect to the Internet using one single Public IP address. The following procedure will help you to configure NAT Overload or Port Address Translation (PAT) in Cisco IOS: 1. NAT inside interface Enable an interface on the router with an IP Address and mark it as nat inside interface. This is the interface that connects to your internal private network WANRouter(config)# int fastethernet0/1 WANRouter(config-if)# ip address 192.168.1.1 255.255.255.0 WANRouter(config-if)# ip nat inside 2. Enable NAT outside interface WANRouter(config)# int serial0/0/0 WANRouter(config-if)# ip address 100.100.100.100 255.255.255.0 WANRouter(config-if)# ip nat outside 3. Configure NAT Pool This will be a pool of legal Public IPs that is bought by the organisation. This could anything from one to many IP Address WANRouter(config)# ip nat pool WANPOOL 100.100.100.10 100.100.100.10 netmask 255.255.255.0 This creates pool which has just one IP address. The syntax is

ip nat pool <pool name> startip endip {netmask netmask | prefix prefix-length} 4. Access List to allow list of IP Addresses to NAT translate WANRouter(config)# ip access-list 10 permit 192.168.1.0 0.0.0.255 For more networks or hosts to overload the NAT pool simply add them to the access list WANRouter(config)# ip access-list 10 permit 192.168.2.0 0.0.0.255 WANRouter(config)# ip access-list 10 permit 192.168.3.0 0.0.0.255 Instruct Router to NAT the Access list to the NATPool WANRouter(config)# ip nat inside source list 10 pool WANPOOL overload If this is an internet configuration then ensure that a default route on the IP to the outside IP address or outside interface WANRouter(config)# ip route 0.0.0.0. 0.0.0.0 serial0/0/0 or WANRouter(config)# ip route 0.0.0.0 0.0.0.0 100.100.100.100 Thats it. Job done!!! The NAT setup is now complete.We have setup the router to translate LAN private IPs into the Internet public IPs. To check the NAT status and statistics WANRouter# show ip nat statistics To see the active translations WANRouter# show ip nat translations

Configure Multiple IP Address on a Cisco Router Interface

Posted on Apr 16, 2008 under Cisco | 13 Comments

Tags:Cisco ios ip-address multiple-ip router Cisco IOS supports multiple IP Addresses on an interface. There will be one Primary IP Address on the interaface and multiple Secondary IP Addresses on the interface. There is no limit on the number of IP Addresses that can be configure on an interface. Configurng multiple IP Addresses on your cisco routers can sometime help where you have multiple subnets having one physical router interface. The IP Addresses can be from different subnets and from different networks. To configure multiple IP Addresses, Configure primary IP Address From the Interface configuration mode, configure the primary IP Address ciscorouter# conf term ciscorouter(config)# int fa0/0 ciscorouter(config-if)# ip address 172.20.20.1 255.255.255.0 That configures the primary IP Address. Configure Secondary IP Address Now, add the required secondary IP Addresses onto the same interface ciscorouter(config-if)# ip address 172.20.21.1 255.255.255.0 secondary This adds the additional IP Address onto the interface. In the command above, the keyword "secondary" at the end defines the additional IP Address as a secondary IP Address.