6.4.5 Packet Tracer – Configure Static NAT (Instructor Version)
Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.
Objectives
- Part 1: Test Access without NAT
- Part 2: Configure Static NAT
- Part 3: Test Access with NAT
Scenario
In IPv4 configured networks, clients and servers use private addressing. Before packets with private addressing can cross the internet, they need to be translated to public addressing. Servers that are accessed from outside the organization are usually assigned both a public and a private static IP address. In this activity, you will configure static NAT so that outside devices can access an inside server at its public address.
Instructions
Part 1: Test Access without NAT
Step 1: Attempt to connect to Server1 using Simulation Mode.
a. Switch to Simulation mode.
b. From PC1 or L1, use the Web Browser to attempt to connect to the Server1 web page at 172.16.16.1. Continue to click the Capture Forward button, notice how the packets never leave the internet cloud. The attempts should fail.
c. Exit Simulation mode.
d. From PC1, ping the R1 S0/0/0 interface (209.165.201.2). The ping should succeed.
Step 2: View R1 routing table and running-config.
a. View the running configuration of R1. Note that there are no commands referring to NAT. An easy way to confirm this is to issue the following command:
R1# show run | include nat
b. Verify that the routing table does not contain entries referring to the IP network addresses for PC1 and L1.
c. Verify that NAT is not being used by R1.
R1# show ip nat translations
Part 2: Configure Static NAT
Step 1: Configure static NAT statements.
Refer to the Topology. Create a static NAT translation to map the Server1 inside address to its outside address.
R1(config)# ip nat inside source static 172.16.16.1 64.100.50.1
Step 2: Configure interfaces.
a. Configure the G0/0 interface as an inside interface.
R1(config)# interface g0/0 R1(config-if)# ip nat inside
b. Configure the s0/0/0 public interface as an outside interface.
R1(config)# interface s0/0/0 R1(config-if)# ip nat outside
Part 3: Test Access with NAT
Step 1: Verify connectivity to the Server1 web page.
a. Open the command prompt on PC1 or L1, attempt to ping the public address for Server1. Pings should succeed.
b. Verify that both PC1 and L1 can now access the Server1 web page.
Step 2: View NAT translations.
Use the following commands to verify the static NAT configuration on R1:
show running-config show ip nat translations show ip nat statistics
Download Packet Tracer Completed File
[sociallocker id=”54558″]
[wpdm_package id=’55932′]
[wpdm_package id=’55933′]
[/sociallocker]
[alert-note][one_half]
Previous Lab
6.2.7 Packet Tracer – Investigate NAT Operation
[/one_half][one_half_last]
Next Lab
6.5.6 Packet Tracer – Configure Dynamic NAT
[/one_half_last][/alert-note]