In this tutorial i am going to show you how to configure Dynamic NAT on Cisco Router and to show this configuration lab i am going to use cisco packet tracer software here.
If you are new to Network Address Translation You must Read below articles before going through this DNAT configuration Lab.
Read:NAT Basics and Introduction Tutorial about NAT Technology.
Read: Static NAT Configuration LAB.
Read: IPv6 Static NAT Configuration LAB.
After Configuring Dynamic NAT a person in Public Network can’t see the real Public IP Address of our Network 2.0.0.0.
They can only see the range of IP Address with different subnet mask. So you can say that this is also a type of Network Security.
Step 1:Draw the network topology Diagram using cisco packet tracer software.
We have two Router used in this DNAT Configuration Lab.
Router R1( Home Router)
Router R2(ISP Router)
Step 2:Assign the IP Address on HOME ROUTER R1:
Router>enable Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#host R1 R1(config)#int fa0/0 R1(config-if)#ip address 10.0.0.1 255.0.0.0 R1(config-if)#no shut R1(config-if)#exit R1(config)#int fa0/1 R1(config-if)#ip address 2.0.0.1 255.0.0.0 R1(config-if)#no shut
Step 3:Assign IP Address on ISP ROUTER R2:
Router>enable Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#host R2 R2(config)#int fa0/0 R2(config-if)#ip add 3.0.0.1 255.0.0.0 R2(config-if)#no shut R2(config-if)#exit R2(config)#int fa0/1 R2(config-if)#ip add 2.0.0.2 255.0.0.0 R2(config-if)#no shut
Step 4:Dynamic NAT configuration on HOME ROUTER R1:
R1(config)#access-list 1 permit 10.0.0.0 0.255.255.255 R1(config)#int fa0/0 R1(config-if)#ip nat inside R1(config-if)#exit R1(config)#int fa0/1 R1(config-if)#ip nat outside R1(config-if)#exit
Now Create the POOL:
R1(config)#ip nat pool satish 2.0.0.1 2.0.0.4 netmask 255.255.255.248 R1(config)#ip nat inside source list 1 pool satish
Step 5: Route Configuration on Home Router and ISP Router.
Now i ma going to configure Routing on R1 and R2 Router.
First Do routing configuration on R1 Router:
R1(config)#ip route 0.0.0.0 0.0.0.0 2.0.0.2
Then Configure Routing on Router R2:
R2(config)#ip route 0.0.0.0 0.0.0.0 2.0.0.1
Step 5:Now Check NAT configuration using Below command.
First Ping 3.0.0.2 Machine from PC. PC>ping 3.0.0.2 Pinging 3.0.0.2 with 32 bytes of data: Reply from 3.0.0.2: bytes=32 time=7ms TTL=126 Reply from 3.0.0.2: bytes=32 time=1ms TTL=126 Reply from 3.0.0.2: bytes=32 time=0ms TTL=126 Reply from 3.0.0.2: bytes=32 time=0ms TTL=126 Ping statistics for 3.0.0.2: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 7ms, Average = 2ms
Just when Ping Run Below command.
This command will help to see the translation process in Router.
Now watch the ip address carefully. you will see the subnetted ip address only.They ca,t see the real ip address.
R1#debug ip nat IP NAT debugging is on R1# NAT: s=10.0.0.2->2.0.0.4, d=3.0.0.2 [12] NAT*: s=3.0.0.2, d=2.0.0.4->10.0.0.2 [19] NAT: s=10.0.0.2->2.0.0.4, d=3.0.0.2 [13] NAT*: s=3.0.0.2, d=2.0.0.4->10.0.0.2 [20] NAT: s=10.0.0.2->2.0.0.4, d=3.0.0.2 [14] NAT*: s=3.0.0.2, d=2.0.0.4->10.0.0.2 [21] NAT: s=10.0.0.2->2.0.0.4, d=3.0.0.2 [15] NAT*: s=3.0.0.2, d=2.0.0.4->10.0.0.2 [22]
Learn Linux CCNA CEH IPv6 Cyber-Security Online 