Lab 6.2 PAT - 5huckle/OFFICIALTECHJOURNAL GitHub Wiki

Configure Router Interfaces

On Router 1: FE 0/0 192.168.0.1/24 and Serial 0/0/0 30.0.0.1/8

On Router 2: FE 0/0 20.0.0.1/8 and Serial 0/0/0 30.0.0.2/8

Configure Routing

On Router 1: Set the Default Route (or Gateway of Last Resort) to Router 2

ip route 0.0.0.0 0.0.0.0 30.0.0.2 At this point, there should be no connectivity between the PC's and the external networks/server. Ping will fail to 20.0.0.2

Configure PAT on Router 1

1. Define "Inside" and "Outside" interfaces

2. Create Address Pool named "test" for the Public IP addresses that 192.168 clients can use. It only has 1 IP in the pool (30.0.0.120)

R1(config)#ip nat pool test 30.0.0.120 30.0.0.120 netmask 255.0.0.0 3. Create an access-list that defines which internal IP's can use the Public IP pool test

R1(config)#access-list 1 permit 192.168.0.0 0.0.0.255 4. Assign pool and access rule to interface with nat statement - basically saying that access-list 1 (192.168 addresses) can be translated to the PAT IP' from pool "test" when going from the "inside" to "outside". Overload states that the IP can be used by many (up to 64,000) clients.

R1(config)#ip nat inside source list 1 pool test overload

If PAT is working, you should be able to connect the web service on the server (20.0.0.2) from the browser on multiple PC's

To verify PAT, go to R1 and use this sh ip nat translations command. It show how TCP ports are used to track connections in the NAT Table :