Configuracion NAT CISCO (Ok)

Network Address
Translation NAT
Ing. Enrique Santiago PhD(c)

Instructor CISCO CCNA
Version 4.0
2006 Cisco Systems, Inc. All rights reserved.
Cisco Public
Objectivos
Socializar el concepto de NAT.
Describir la justificacin de NAT.
Socializar los diferentes tipos de NAT.
Configurar NAT sobre routers Cisco.
Cisco Public
Configuracin de NAT sobre Router Cisco

Operacion y Beneficio de usar direccionamiento
Privado y Publico
Cisco Public
Configuracion de NAT sobre Router Cisco

Caracteristicas Claves de NAT y NAT overload
Cisco Public
Configure NAT on a Cisco Router

Ventajas y Desventajas de NAT
Cisco Public
Tipos de NAT
NAT Esttico
NAT Dinmico
NAT/PAT
Cisco Public
Configuracin NAT esttico en CISCO

Como Configurar NAT estatico y conservar el espacio
de direcciones IP en una red.
Cisco Public
Ejemplo NAT esttico
Cisco Public
Configuracin Bsica Routing EIGRP

Hostname Router1(EIGRP)
interface FastEthernet0/1
ip address 190.1.190.1 255.255.255.0
duplex auto
speed auto
interface Serial0/0/0
ip address 200.30.75.2 255.255.255.0
router eigrp 1
network 200.30.75.0 0.0.0.3
network 190.1.190.0 0.0.0.255
no auto-summary
Cisco Public
Configuracin Router NAT esttico(1)

Hostname Router(NAT)
ip address 192.168.1.10 255.255.255.0
ip nat inside
duplex auto
speed auto
ip address 200.30.75.1 255.255.255.0
ip nat outside
clock rate 64000
Referencia Esttica
ip nat inside source static 192.168.1.2 200.30.75.3

ip nat inside source static 192.168.1.3 200.30.75.4
ip classless
ip route 190.1.190.0 255.255.255.0 200.30.75.2
Cisco Public
Referencia Esttica
10
Comandos Depuracin NAT

Router(NAT)#sh ip nat translations
Pro Inside global
Inside local
Outside local
--- 200.30.75.3
192.168.1.2
---
---
--- 200.30.75.4
192.168.1.3
---
---
Cisco Public
Outside global
11

WEB SERVER
Router(NAT)#debug ip nat
NAT: s=192.168.1.2->200.30.75.3, d=190.1.190.2[0] (request)
NAT*: s=190.1.190.2, d=200.30.75.3->192.168.1.2[0] (reply)
NAT: s=192.168.1.2->200.30.75.3, d=190.1.190.2[0]
PC
NAT*: s=190.1.190.2, d=200.30.75.3->192.168.1.2[0]

NAT: s=192.168.1.2->200.30.75.3, d=190.1.190.2[0]
NAT*: s=190.1.190.2, d=200.30.75.3->192.168.1.2[0]
NAT: s=192.168.1.2->200.30.75.3, d=190.1.190.2[0]
NAT*: s=190.1.190.2, d=200.30.75.3->192.168.1.2[0]
Cisco Public
12

Router(EIGRP)#debug ip icmp
ICMP: echo reply sent, src 190.1.190.1, dst 200.30.75.3
Direccin Transladada (host 192.168.1.2)
Cisco Public
13
Configuracin NAT dinamico en CISCO

Como Configurar NAT dinamico para conservar el
espacio de direcciones IP de la red.
Cisco Public
14

ip address 190.1.190.1 255.255.255.0
duplex auto
speed auto
ip address 200.30.75.2 255.255.255.0
router eigrp 1
network 200.30.75.0 0.0.0.3
network 190.1.190.0 0.0.0.255
no auto-summary
Cisco Public
15
Configuracin Router NAT dinamico(3)

ip address 192.168.1.10 255.255.255.0
ip nat inside
duplex auto
speed auto
ip address 200.30.75.1 255.255.255.0
ip nat outside
Rango Global
clock rate 64000

ip nat pool RANGO 200.30.75.3 200.30.75.5 netmask 255.255.255.0
access-list 10 permit 192.168.1.0 0.0.0.255
ip nat inside source list 10 pool RANGO
ip classless
ip route 190.1.190.0 255.255.255.0 200.30.75.2
Cisco Public
ACL direcciones LAN
Translacin de Direcciones IP
16

Pro Inside global
Inside local
Outside local
--- 200.30.75.3
192.168.1.2
---
---
--- 200.30.75.4
192.168.1.3
---
---
--- 200.30.75.5
192.168.1.4
---
---
Cisco Public
Outside global
17

WEB SERVER
NAT: s=192.168.1.2->200.30.75.3, d=190.1.190.2[1] (request)
NAT*: s=190.1.190.2, d=200.30.75.3->192.168.1.2[1] (reply)
NAT: s=192.168.1.3->200.30.75.4, d=190.1.190.2[2]
Translacin
NAT*: s=190.1.190.2, d=200.30.75.4->192.168.1.3[2]
NAT: s=192.168.1.4->200.30.75.5, d=190.1.190.2[3]

NAT*: s=190.1.190.2, d=200.30.75.5->192.168.1.4[3]
Cisco Public
18
Configuracin NAT/PAT sobre Router Cisco

Como Configurar NAT /PAT para conservar el espacio
de direcciones IP de la red.
Cisco Public
19

ip address 190.1.190.1 255.255.255.0
duplex auto
speed auto
ip address 200.30.75.2 255.255.255.0
router eigrp 1
network 200.30.75.0 0.0.0.3
network 190.1.190.0 0.0.0.255
no auto-summary
Cisco Public
20
Configuracin Router NAT dinamico(2)

ip address 192.168.1.10 255.255.255.0
ip nat inside
duplex auto
speed auto
ip address 200.30.75.1 255.255.255.0
ip nat outside
Interface Global
clock rate 64000

ip nat inside source list 10 interface Serial0/0/0 overload
access-list 10 permit 192.168.1.0 0.0.0.255
ip classless
ip route 190.1.190.0 255.255.255.0 200.30.75.2
Cisco Public
Translacin de Direcciones IP
ACL direcciones LAN
21

Pro Inside global Inside local
Outside local
Outside global
tcp 200.30.75.1:1025 192.168.1.2:1025 190.1.190.2:80 190.1.190.2:80
tcp 200.30.75.1:1024 192.168.1.3:1025 190.1.190.2:80
tcp 200.30.75.1:1026 192.168.1.4:1026 190.1.190.2:80
190.1.190.2:80
190.1.190.2:80
IP interface S0/0/0
Uso de Puertos en la Translacin de Direcciones IP
Cisco Public
22

WEB SERVER
NAT: s=192.168.1.2->200.30.75.1, d=190.1.190.2[20]
NAT*: s=190.1.190.2, d=200.30.75.1->192.168.1.2[20](reply)
NAT: s=192.168.1.3->200.30.75.1, d=190.1.190.2[21]

NAT*: s=190.1.190.2, d=200.30.75.1->192.168.1.3[21]
Translacin
IP S0/0/0
NAT: s=192.168.1.4->200.30.75.1, d=190.1.190.2[22]

NAT*: s=190.1.190.2, d=200.30.75.1->192.168.1.4[22]
Cisco Public
23
Configure NAT on a Cisco Router

Describe how to configure NAT Overload to conserve
IP address space in a network
Cisco Public
24
Resumen
Network Address Translation (NAT)
A means of translating private IP addresses to public IP
addresses
Type s of NAT
Static
Dynamic
Some commands used for troubleshooting
Show ip nat translations
Show ip nat statistics
Debug ip nat
Cisco Public
25
Cisco Public
26

Configuracion NAT CISCO (Ok)

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Configuracion NAT CISCO (Ok)

Hochgeladen von

Copyright:

Verfügbare Formate

Network Address

Ing. Enrique Santiago PhD(c)

2006 Cisco Systems, Inc. All rights reserved.

Socializar el concepto de NAT.

Describir la justificacin de NAT.

Socializar los diferentes tipos de NAT.

Configurar NAT sobre routers Cisco.

2006 Cisco Systems, Inc. All rights reserved.

Configuracin de NAT sobre Router Cisco

2006 Cisco Systems, Inc. All rights reserved.

Configuracion de NAT sobre Router Cisco

2006 Cisco Systems, Inc. All rights reserved.

Configure NAT on a Cisco Router

2006 Cisco Systems, Inc. All rights reserved.

2006 Cisco Systems, Inc. All rights reserved.

Configuracin NAT esttico en CISCO

2006 Cisco Systems, Inc. All rights reserved.

Ejemplo NAT esttico

2006 Cisco Systems, Inc. All rights reserved.

Configuracin Bsica Routing EIGRP

2006 Cisco Systems, Inc. All rights reserved.

Configuracin Router NAT esttico(1)

ip nat inside source static 192.168.1.2 200.30.75.3

2006 Cisco Systems, Inc. All rights reserved.

Comandos Depuracin NAT

2006 Cisco Systems, Inc. All rights reserved.

Comandos Depuracin NAT

NAT*: s=190.1.190.2, d=200.30.75.3->192.168.1.2[0]

2006 Cisco Systems, Inc. All rights reserved.

Comandos Depuracin NAT

Direccin Transladada (host 192.168.1.2)

2006 Cisco Systems, Inc. All rights reserved.

Configuracin NAT dinamico en CISCO

2006 Cisco Systems, Inc. All rights reserved.

Configuracin Bsica Routing EIGRP

2006 Cisco Systems, Inc. All rights reserved.

Configuracin Router NAT dinamico(3)

clock rate 64000

2006 Cisco Systems, Inc. All rights reserved.

ACL direcciones LAN

Comandos Depuracin NAT

2006 Cisco Systems, Inc. All rights reserved.

Comandos Depuracin NAT

NAT: s=192.168.1.3->200.30.75.4, d=190.1.190.2[2]

NAT*: s=190.1.190.2, d=200.30.75.4->192.168.1.3[2]

NAT: s=192.168.1.4->200.30.75.5, d=190.1.190.2[3]

2006 Cisco Systems, Inc. All rights reserved.

Configuracin NAT/PAT sobre Router Cisco

2006 Cisco Systems, Inc. All rights reserved.

Configuracin Bsica Routing EIGRP

2006 Cisco Systems, Inc. All rights reserved.

Configuracin Router NAT dinamico(2)

clock rate 64000

2006 Cisco Systems, Inc. All rights reserved.

Comandos Depuracin NAT

Uso de Puertos en la Translacin de Direcciones IP

2006 Cisco Systems, Inc. All rights reserved.

Comandos Depuracin NAT

NAT: s=192.168.1.3->200.30.75.1, d=190.1.190.2[21]

NAT: s=192.168.1.4->200.30.75.1, d=190.1.190.2[22]

2006 Cisco Systems, Inc. All rights reserved.

Configure NAT on a Cisco Router

2006 Cisco Systems, Inc. All rights reserved.