Lab 6‐2: PAT Configuration - AidanP017/Aidan-NET-330 GitHub Wiki

Purpose

In this lab, we configured port address translation (PAT) in a network on Cisco Packet Tracer to allow PCs with private IP addresses to use 30.0.0.120 as their shared public IP address.

Router Configurations

Similar to the processes in Lab 6-1, we configured the router CLIs to set up hostnames and IP addresses. The screenshots below shows configurations for Router 1 and Router 2, respectively.

{1B20B78A-8FCB-413F-817C-54C59B1FD4F7}

{0C4F9E3E-A65F-4F63-A526-1B27F5AD66BF}

Then on Router 1, we set the default route to Router 2.

{9455772F-AE25-40C1-B40F-22763299F8B0}

No connectivity should be established as of yet so pinging the external server at 20.0.0.2 from one of the PCs should not return results.

{E24EDF2D-AAFE-472C-85C8-C6B78F0C802F}

PAT Configuration

Next, we configured PAT on Router 1 to be able to connect to the external server from multiple PCs.

Once again, similar to Lab 6-1, we first defined the FastEthernet0/0 port as the inside of the NAT network and the Serial0/0/0 port as the outside of the NAT network.

{950E6F86-1605-495B-A118-D1770E259335}

Then we created an address pool named "test" that would contain the public IP address to be used by 192.168 clients, with only one IP in the pool being 30.0.0.120.

{70B18D30-F405-46EC-AD77-2D3FD63EDFE0}

From there, we created an access list to define which internal IP addresses could use the address pool.

{9334CB9A-E78C-4AAC-A0E1-A1A179F2633D}

Lastly, we assigned the address pool and access rule to the router with an NAT statement, which would allow 192.168 addresses to be translated to the PAT IP addresses from the address pool when going from the inside of the network to the outside.

{F9A81421-A8F7-4FA1-B0B5-1B356D8D6AB2}

If configured correctly, the PCs in the network should be able to ping the external server at 20.0.0.2 as well as access it in a web browser.

{08BDFCB1-A0F6-404E-B07C-0A824B3B8D0D}

{3D41A27B-254B-4F92-88E7-A3049B2629A1}

Further, we can also verify that PAT is working by going to Router 1 and using the command show ip nat translations which will display how TCP ports are being used to track connections in the NAT table.

{89034F4D-C6F1-410D-8B2B-27E15BFEF843}

Using Simulation Mode

Although Packet Tracer uses Realtime mode to show the success or failure of pings between devices, using Simulation Mode will provide a more detailed illustration of these pings as traffic packets travel from device to device. The screenshot below shows PC5 pinging the server in Simulation mode.

{12BFCD83-1115-4C21-BB6E-B681BDA1BD49}

Looking at one of these packets, users can see important information about the whereabouts of packets, layer details, and associated protocols.

{8669BC74-2DA0-4C52-B5A9-0025C82CC447}

Further, users can filter the protocols to only show packets associated with these protocols specifically. This can be useful for understanding what protocols are relevant for certain functions in the network such as sending pings.

{7E54B1F0-8B6D-4DE8-9E62-BF7D26B15D90}

{C77F846C-3C39-4C68-A3B4-36F996A2F1BF}