PAT Configuration - DefiantCoder/Tech-Journals GitHub Wiki

image

1. Your Router interfaces must be configured

EX: make sure your have your Fast Ethernet ports configured and your serial set

On Router 1: FE 0/0 192.168.0.1/24 (ex setting) and Serial 0/0/0 30.0.0.1/8 (ex setting)

On Router 2: FE 0/0 20.0.0.1/8 (ex setting) and Serial 0/0/0 30.0.0.2/8 (ex setting)

2. Make sure your routing is configured

On Router 1: Set the Default Route (or Gateway of Last Resort) to Router 2

ip route 0.0.0.0 0.0.0.0 30.0.0.2 (example route, 30.0.0.2 is the serial of Router 2)

Configure PAT on the router (Router 1 in this ex)

1. Define "Inside" and "Outside" interfaces

  • This will create a route from 10.0.0.2 to the 30.0.0.0 network (10.0.0.2 is the server and 30.0.0.0 is the network the computers are attached to)

R1(config)#interface fastEthernet 0/0

R1(config-if)#ip nat inside

R1(config-if)#exit

R1(config)#interface serial 0/0/0

R1(config-if)#ip nat outside

R1(config-if)#exit

2. Create Address Pool named "test" for the Public IP addresses that 192.168 clients can use. It only has 1 IP in the pool (30.0.0.120)

  • R1(config)#ip nat pool test 30.0.0.120 30.0.0.120 netmask 255.0.0.0

3. Create an access-list that defines which internal IP's can use the Public IP pool test

  • R1(config)#access-list 1 permit 192.168.0.0 0.0.0.255

4. Assign pool and access rule to interface with nat statement - basically saying that access-list 1 (192.168 addresses) can be translated to the PAT IP' from pool "test" when going from the "inside" to "outside". Overload states that the IP can be used by many (up to 64,000) clients.

  • R1(config)#ip nat inside source list 1 pool test overload