06-12-2023 11:52 PM - edited 06-12-2023 11:54 PM
I have a problem. I want to apply nat/pat (it is a requirement) so that my PC's can ping to the address 64.100.100.10 (in the green part) and that from the yellow part my PC can also ping to the address 64.100.100.10. The routing protocol that i already configured is OSPF (it is a requirement). Can you please put the commands that u use in the packet tracer?
Solved! Go to Solution.
06-13-2023 01:28 AM - last edited on 06-15-2023 04:41 PM by Translator
Hello @TS40
To put the NAT in place you need an
access list
matching the traffic. As you have 4 different networks, you can use an ACL like this
access-list 1 permit 192.168.0.0 0.0.255.255
This ACL will match all your LAN traffic. Apply this ACL to R2.
Then, you need to add the command
ip nat inside
in all R2´s interfaces except Gi0/0
On the interface Gi0/0 you appy the command
ip nat outside
Last you use the NAT statement which is
ip nat inside source list 1 interface
GigabitEthernet0/0
overload
But, there´s one more thing you are going to need in order to ping the IP 64.100.100.10, which is let the network know that it exist.
You can do this on the R2 OSPF process by adding one of the following command
router ospf 1
redistribut static subnets
OR
router ospf 1
default-information originate
Both command will tell to others routers that the IP address 64.100.100.10 exist behind R2.
Attaching my file for your reference.
To check the NAT use the command
show ip nat translations
R2#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
icmp 209.165.200.225:17192.168.30.2:17 64.100.100.10:17 64.100.100.10:17
icmp 209.165.200.225:18192.168.30.2:18 64.100.100.10:18 64.100.100.10:18
icmp 209.165.200.225:19192.168.30.2:19 64.100.100.10:19 64.100.100.10:19
icmp 209.165.200.225:20192.168.30.2:20 64.100.100.10:20 64.100.100.10:20
06-13-2023 01:28 AM - last edited on 06-15-2023 04:41 PM by Translator
Hello @TS40
To put the NAT in place you need an
access list
matching the traffic. As you have 4 different networks, you can use an ACL like this
access-list 1 permit 192.168.0.0 0.0.255.255
This ACL will match all your LAN traffic. Apply this ACL to R2.
Then, you need to add the command
ip nat inside
in all R2´s interfaces except Gi0/0
On the interface Gi0/0 you appy the command
ip nat outside
Last you use the NAT statement which is
ip nat inside source list 1 interface
GigabitEthernet0/0
overload
But, there´s one more thing you are going to need in order to ping the IP 64.100.100.10, which is let the network know that it exist.
You can do this on the R2 OSPF process by adding one of the following command
router ospf 1
redistribut static subnets
OR
router ospf 1
default-information originate
Both command will tell to others routers that the IP address 64.100.100.10 exist behind R2.
Attaching my file for your reference.
To check the NAT use the command
show ip nat translations
R2#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
icmp 209.165.200.225:17192.168.30.2:17 64.100.100.10:17 64.100.100.10:17
icmp 209.165.200.225:18192.168.30.2:18 64.100.100.10:18 64.100.100.10:18
icmp 209.165.200.225:19192.168.30.2:19 64.100.100.10:19 64.100.100.10:19
icmp 209.165.200.225:20192.168.30.2:20 64.100.100.10:20 64.100.100.10:20
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide