Monday, April 27, 2009

Network Address Translation

As I promised Poh Meng in a very boring Sunday, I will post this basic cisco commands for NAT as co-author for this blog, I appreciate Poh Meng for given me the chance to share my semi professional knowledge here, and hope you all find it useful for you.

Normally these IPs are given by ISP, and all these IP are:
WAN IP: 207.123.123.122 (Customer), 207.123.123.121 (ISP) <--- you have 207.123.123.120/30 here, normally first usable IP of this subnet - 207.123.123.121 is reside to ISP end, and second usable IP of this subnet will allocated to CPE
LAN IP: 62.14.139.132/29 <--- these IPs are given to customer by ISP as Internet IP address (registered IP)

OK, now we start the Cisco router part:
First we start with assign IP to each interface, both LAN and WAN.
=====Cisco Command=====
interface e0 or interface f0/0 (LAN interface)
ip address 192.168.0.1 255.255.255.0 <--- assign IP to interface
ip nat inside <--- define boundary of NAT
no shut

interface s0 (WAN interface)
ip address 207.123.123.122 255.255.255.252 <--- assign IP to interface
ip nat outside <--- define boundary of NAT
no shut

*Sorry for I may confuse you if you don't even know what is IP subnet or subnet mask, 255.255.255.252 behind IP address just a subnet mask for /30 subnet

ip route 0.0.0.0 0.0.0.0 207.123.123.121 <--- this is command for default route
access-list 10 permit 192.168.0.0 0.0.0.255 <---ACL to allow translation from LAN IP to WAN IP
ip nat pool WANIP 62.14.139.133 62.14.139.133 netmask 255.255.255.248 <--- IP nat pool, Start IP and End IP
ip nat inside source list 10 pool WANIP overload <--- to apply internal IP translation, overload to allow multiple LAN IPs translate to single WAN IP

DONE

1 comment:

PohMeng said...

Good JOB future CCIE...
Thanks for post at here.. ^^