NAT – Part 3 (Dynamic NAT Configuration with Packet Tracer) - www.ipcisco.com : www.ipcisco.com
You can Reach Our "CCNA Lab Courses with Packet Tracer" on Udemy.!!!
cisco-packet-tracer-ccna-adventure-1- cisco-packet-tracer-ccna-adventure-2-
Content Protection by DMCA.com

Dynamic NAT Configuration

with Packet Tracer




************************************************************
WouLd YoU LiKe To Learn How to Use PAcket TraceR and PracTice CCNA LAbs
on PaCKet TrAcEr??? Here is My Courses on UDemY!!
CISCO PACKET TRACER HOW TO GUIDE
CISCO PACKET TRACER CCNA LABS ADVENTURE 1
CISCO PACKET TRACER CCNA LABS ADVENTURE 2
************************************************************


Before this article, we have talked about Static NAT configuration. Here, we will talk about Dynamic NAT configuration on Packet Tracer. As in Static NAT, in the Dynamic NAT configuration, the interfaces must be identified as inside and outside again. Then we will define a Dynamic Address Pool on the NAT router. The ip address will be choosen in this pool to assign as source ip address.

We will use the Dynamic NAT topology below for our Dynamic NAT configuration. And we will use Packet Tracer as a network simulation program.

You can DOWNLOAD the Packet Tracer example with .pkt format HERE.

dynamic nat (network adress translation)

Dynamic NAT (Network Address Translation) Configuration Topology

In our Dynamic NAT configuration topology on Packet Tracer, we will have two networks again, one local and one outside network. In local network, we have three PCs and we will provide internet access to these PCs. Our Dynamic NAT configuration topology on Packet Tracer will be a small simulation of real world office Internet access.

Firstly, before Dynamic NAT configuration, we will do our IP configurations on PCS and routersand we will provide full connectivity end to end.

Our PCs on Packet Tracer will be configured with below IP addresses.

PC0 : 10.0.0.2 255.255.255.0 GW:10.0.0.1
PC1 : 10.0.0.3 255.255.255.0 GW:10.0.0.1
PC2 : 10.0.0.4 255.255.255.0 GW:10.0.0.1

Router1(config)# interface FastEthernet0/0
Router1(config-if)# ip address 10.0.0.1 255.255.255.0
Router1(config-if)# no shutdown
Router1(config-if)# exit
Router1(config)# interface FastEthernet0/1
Router1(config-if)# ip address 212.100.100.2 255.255.255.0
Router1(config-if)# no shutdown
Router1(config-if)# exit

Router2(config)# interface FastEthernet0/0
Router2(config-if)# ip address 212.100.100.1 255.255.255.0
Router2(config-if)# no shutdown
Router2(config-if)# exit
Router2(config)# ip default-gateway 212.100.100.2

Firstly let’s check the ping packet’s source address when we are pinging from PC 1 to Router2. A2 you can seelowe b, the source address will be the PC 0 ‘s IP address. To see the packet you must enable NAT debug mode on Router2 by “debug ip nat” command.Check the below screenshots.

PC0>ping 212.100.100.1
Pinging 212.100.100.1 with 32 bytes of data:

Reply from 212.100.100.1: bytes=32 time=13ms TTL=254
Reply from 212.100.100.1: bytes=32 time=1ms TTL=254
Reply from 212.100.100.1: bytes=32 time=1ms TTL=254
Reply from 212.100.100.1: bytes=32 time=2ms TTL=254

Ping statistics for 212.100.100.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 13ms, Average = 4ms

Router2#debug ip nat 
IP NAT debugging is on
Router2#
ICMP: echo reply sent, src 212.100.100.1, dst 10.0.0.2

ICMP: echo reply sent, src 212.100.100.1, dst 10.0.0.2

ICMP: echo reply sent, src 212.100.100.1, dst 10.0.0.2

ICMP: echo reply sent, src 212.100.100.1, dst 10.0.0.2

Now let’s do the Dynamic NAT configuration on Router1.

Router1(config)# interface FastEthernet0/0 
Router1(config-if)# ip nat inside
Router1(config-if)# exit
Router1(config)# interface FastEthernet0/1
Router1(config-if)# ip nat outside
Router1(config-if)# exit

Lastly, with an Access-List(ACL) we will specify the private addresses to be allowed to be dynamically translated. We will creatre an IP Pool with theIP addresses from 50.50.50.1 to 50.50.50.100 . Then we will match this pool with IP block defined with ACL. We will assign this IP Pool towards NAT inside.

Router1(config)# ip nat pool IPCISCO 50.50.50.1 50.50.50.100 netmask
Router1(config)# ip nat inside source list 10 pool IPCISCO
Router1(config)# access-list 10 permit 10.10.10.0  0.0.0.255

Here, these allowed addresses above will be tranlated to a value in public address pool that will be dynamically choosen.

It is time to verify our configuration with the same ping packet’s source IP address control. Open the debug mode on Router2 with “debug ip nat” command and ping the Router2 from PC0, PC1 and PC2.

PC0>ping 212.100.100.1
Pinging 212.100.100.1 with 32 bytes of data:

Reply from 212.100.100.1: bytes=32 time=0ms TTL=254
Reply from 212.100.100.1: bytes=32 time=1ms TTL=254
Reply from 212.100.100.1: bytes=32 time=1ms TTL=254
Reply from 212.100.100.1: bytes=32 time=1ms TTL=254

Ping statistics for 212.100.100.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms

Router2#debug  ip nat 
IP NAT debugging is on
Router2#
ICMP: echo reply sent, src 212.100.100.1, dst 50.50.50.1
ICMP: echo reply sent, src 212.100.100.1, dst 50.50.50.1
ICMP: echo reply sent, src 212.100.100.1, dst 50.50.50.1
ICMP: echo reply sent, src 212.100.100.1, dst 50.50.50.1

Router2#
IP: tableid=0, s=50.50.50.5 (FastEthernet0/0), d=212.100.100.1 (FastEthernet0/0), routed via RIB

IP: s=50.50.50.5 (FastEthernet0/0), d=212.100.100.1 (FastEthernet0/0), len 128, rcvd 3

ICMP: echo reply sent, src 212.100.100.1, dst 50.50.50.5

IP: tableid=0, s=212.100.100.1 (local), d=50.50.50.5 (FastEthernet0/0), routed via RIB

IP: s=212.100.100.1 (local), d=50.50.50.5 (FastEthernet0/0), len 128, sending

...

PC1>ping 212.100.100.1
Pinging 212.100.100.1 with 32 bytes of data:

Reply from 212.100.100.1: bytes=32 time=2ms TTL=254
Reply from 212.100.100.1: bytes=32 time=1ms TTL=254
Reply from 212.100.100.1: bytes=32 time=1ms TTL=254
Reply from 212.100.100.1: bytes=32 time=1ms TTL=254

Ping statistics for 212.100.100.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 2ms, Average = 1ms
Router2#
ICMP: echo reply sent, src 212.100.100.1, dst 50.50.50.2
ICMP: echo reply sent, src 212.100.100.1, dst 50.50.50.2
ICMP: echo reply sent, src 212.100.100.1, dst 50.50.50.2
ICMP: echo reply sent, src 212.100.100.1, dst 50.50.50.2

Router2#
IP: tableid=0, s=50.50.50.5 (FastEthernet0/0), d=212.100.100.1 (FastEthernet0/0), routed via RIB

IP: s=50.50.50.5 (FastEthernet0/0), d=212.100.100.1 (FastEthernet0/0), len 128, rcvd 3

ICMP: echo reply sent, src 212.100.100.1, dst 50.50.50.5

IP: tableid=0, s=212.100.100.1 (local), d=50.50.50.5 (FastEthernet0/0), routed via RIB

IP: s=212.100.100.1 (local), d=50.50.50.5 (FastEthernet0/0), len 128, sending

IP: tableid=0, s=50.50.50.5 (FastEthernet0/0), d=212.100.100.1 (FastEthernet0/0), routed via RIB

IP: s=50.50.50.5 (FastEthernet0/0), d=212.100.100.1 (FastEthernet0/0), len 128, rcvd 3

ICMP: echo reply sent, src 212.100.100.1, dst 50.50.50.5

IP: tableid=0, s=212.100.100.1 (local), d=50.50.50.5 (FastEthernet0/0), routed via

...

PC2>ping 212.100.100.1
Pinging 212.100.100.1 with 32 bytes of data:

Reply from 212.100.100.1: bytes=32 time=1ms TTL=254
Reply from 212.100.100.1: bytes=32 time=0ms TTL=254
Reply from 212.100.100.1: bytes=32 time=1ms TTL=254
Reply from 212.100.100.1: bytes=32 time=1ms TTL=254

Ping statistics for 212.100.100.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms

Router2#
ICMP: echo reply sent, src 212.100.100.1, dst 50.50.50.3
ICMP: echo reply sent, src 212.100.100.1, dst 50.50.50.3
ICMP: echo reply sent, src 212.100.100.1, dst 50.50.50.3
ICMP: echo reply sent, src 212.100.100.1, dst 50.50.50.3

Here, for the reply packets, the source is same for three PCs, 50.50.50.5. But the destination of replies are differrent 50.50.50.1, 50.50.50.2 and 50.50.50.3 .

You can DOWNLOAD the Packet Tracer example with .pkt format HERE.

You can download “Packet Tracer” in Tools section.



************************************************************
WouLd YoU LiKe To Learn How to Use PAcket TraceR and PracTice CCNA LAbs
on PaCKet TrAcEr??? Here is My Courses on UDemY!!
CISCO PACKET TRACER HOW TO GUIDE
CISCO PACKET TRACER CCNA LABS ADVENTURE 1
CISCO PACKET TRACER CCNA LABS ADVENTURE 2
************************************************************

You can reach the other NAT articles below:
Network Address Translation (NAT) – Part 1
Network Address Translation (NAT) – Part 2 (Static NAT Configuration)
Network Address Translation (NAT) – Part 3 (Dynamic NAT Configuration)
Network Address Translation (NAT) – Part 4 (Port Address Translation)

You can check the other Packet Tracer Examples below:

Common Cisco Router Configuration Example on Packet Tracer
Router DHCP Configuration Example on Packet Tracer
VTP Configuration Example on Packet Tracer
VLAN Configuration Example on Packet Tracer
STP Configuration Example on Packet Tracer
RSTP Configuration with Packet Tracer
STP Portfast Configuration with Packet Tracer
Inter VLAN Routing Configuration on Packet Tracer
Switch Virtual Interface (SVI) Configuration with Packet Tracer
BGP Configuration Example on Packet Tracer
Port Security Configuration Example on Packet Tracer
RIP Configuration Example on Packet Tracer
CDP Configuration Example on Packet Tracer
OSPF Area Types Example on Packet Tracer (Standard and Backbone Areas)
OSPF External Routes Example on Packet Tracer
OSPF Area Types Example on Packet Tracer (Stub, NSSA, Totally Stubby, Totally NSSA Areas)

Youn can join OUR Facebook Group with the below links!!!

You can Reach Our "CCNA Lab Courses with Packet Tracer" on Udemy.!!!
cisco-packet-tracer-ccna-adventure-1- cisco-packet-tracer-ccna-adventure-2-



About the Author
Gokhan Kosem is a telecommunation and network engineer. His ambition to IP networks and end-to-end system installation made him to prepare this web-site. By sharing his experiences about various networking protocols beside different system installation experiences and Cisco, Juniper, Alcatel-Lucent devices configurations, he is aimed to be helpful for his collegues in all over the world. He is currently lives in Istanbul, Turkey.

2 comments for “NAT – Part 3 (Dynamic NAT Configuration with Packet Tracer)”

1
afaq

Sir i want understand Dynamic NAT configuration as trainee pls with dygram

January 26th, 2015 at 21:19
2
Rasheed

Dear Gokhan..The tutorial was really helpful but you
could have used 8 more PCs to let us know when the ip pool becomes exhausted and the last PC could not access internet.
Thanks!

February 7th, 2015 at 18:44

Leave a Reply


Copy Protected by Chetan's WP-Copyprotect.