00.27

Lab 8.4.3 Configuring an ACL with NAT

Sonya Leoni
06491/2008

Step 1: Connect the equipment
a. Connect the Serial 0/0/0 interface of Router 1 to the Serial 0/0/0 interface of Router 2 using a serial
cable as shown in the diagram and addressing table.
b. Connect the Fa0/0 interface of Router 1 to the Fa0/1 port of Switch 1 using a straight-through cable.
c. Connect each PC with a console cable to perform configurations on the router and switches.
d. Connect Host 1 to the Fa0/2 port of Switch 1 using a straight-through cable.
e. Connect Host 2 to the Fa0/3 port of Switch 1 using a straight-through cable.
Step 2: Perform basic configuration on Router 1
a. Connect a PC to the console port of the router to perform configurations using a terminal emulation
program.
b. Configure Router 1 with a hostname, interfaces, console, Telnet, IP addresses, and privileged
passwords according to the addressing table and topology diagram. Save the configuration.
Step 3: Perform basic configuration on Router 2
Perform basic configuration on Router 1 as the gateway router with a hostname, interfaces, console, Telnet,
and privileged passwords according to the addressing table and topology diagram. Save the configuration.
Step 4: Perform basic configuration on Switch 1
a. Configure Switch 1 with a hostname and console, telnet and privileged passwords according to the
table and topology diagram.
Step 5: Configure the hosts with IP address, subnet mask, and default gateway
a. Configure each host with the proper IP address, subnet mask, and default gateway.
b. Each workstation should be able to ping the attached router. If the ping was not successful,
troubleshoot as necessary. Check and verify that the workstation has been assigned a specific IP
address and default gateway.
Step 6: Configure static and default routes on the routers
a. Configure a static route on router R2 to reach the private network on R1. Use the next hop interface
on R1 as the path.
R2(config)#ip route 192.168.1.0 255.255.255.0 209.165.201.1
b. Configure a default route on router R1 to forward any unknown destination traffic to the next hop
interface on R2.
R1(config)#ip route 0.0.0.0 0.0.0.0 209.165.201.2
Step 7: Verify that the network is functioning
a. From the attached hosts, ping the FastEthernet interface of the default gateway router.
Was the ping from Host 1 successful? __________ Yes
Was the ping from Host 2 successful? __________ Yes
If the answer is no for either question, troubleshoot the router and host configurations to find the error.
Ping again until they are both successful.
b. From each host, ping the Serial 0/0/0 interface of R2.
Each ping should be successful. If it is not, troubleshoot the static and default route configurations to
find the error. Ping again until they are both successful.
Step 8: Configure NAT and PAT on R1
a. Define an access list that matches the inside private IP addresses.
R1(config)#access-list 1 permit 192.168.1.0 0.0.0.255
b. Define the PAT translation from inside the list to outside.
R1(config)#ip nat inside source list 1 interface s0/0/0 overload
c. Specify the interfaces.
R1(config)#interface fastethernet 0/0
R1(config-if)#ip nat inside
R1(config-if)#exit
R1(config)#interface serial 0/0/0
R1(config-if)#ip nat outside
Where will the private IP address of a host be translated? ___________________________
__________________________________ At R1’s serial 0/0/0 interface
Step 9: Test and verify the configuration
a. Ping PC2 from PC1.
Was it successful? ________ Yes
b. Ping the serial interface on R2 from PC1 and PC2.
Was it successful? _______ Yes
c. Verify that NAT translations are taking place by using the command show ip nat translations
(a sample output is shown).



0 komentar: