Buy or Renew
Buy or Renew
Cisco + Splunk: Itā€™s a new day for your data. Learn more.
Ā 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
1700
Views
10
Helpful
8
Replies

Configuring PAT

Go to solution
ferdao71493
Level 1
Level 1

ā€Ž08-11-2020 04:27 AM

Can anybody help with given task in retake file  Part 3 about PAT??

Since there are very little instruction for this part I even don't get what is exactly wanted.

SkillExamJune2020 - Copy.zip
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Georg Pauwen
VIP
VIP
In response to ferdao71493

ā€Ž08-11-2020 05:31 AM

Hello,

 

add the lines marked in bold to the configuration of your Gateway router:

 

Gateway#sh run
Building configuration...

Current configuration : 1605 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Gateway
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
--> ip dhcp excluded-address 192.168.1.65
--> ip dhcp excluded-address 192.168.1.129
!
ip dhcp pool P10
network 192.168.1.64 255.255.255.192
default-router 192.168.1.65
ip dhcp pool P20
network 192.168.1.128 255.255.255.192
default-router 192.168.1.129
!
no ip cef
no ipv6 cef
!
license udi pid CISCO2901/K9 sn FTX15245Y7X-
!
spanning-tree mode pvst
!
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
shutdown
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/1.1
encapsulation dot1Q 1 native
ip address 192.168.1.1 255.255.255.252
--> ip nat inside
!
interface GigabitEthernet0/1.10
encapsulation dot1Q 10
ip address 192.168.1.65 255.255.255.192
--> ip nat inside
!
interface GigabitEthernet0/1.20
encapsulation dot1Q 20
ip address 192.168.1.129 255.255.255.192
--> ip nat inside
!
interface Serial0/0/0
no ip address
clock rate 2000000
shutdown
!
interface Serial0/0/1
ip address 209.165.201.18 255.255.255.252
--> ip nat outside
!
interface Vlan1
no ip address
shutdown
!
router eigrp 10
network 192.168.1.0
network 209.165.201.0
!
--> ip nat pool ISP 209.165.201.18 209.165.201.18 netmask 255.255.255.252
--> ip nat inside source list 1 pool ISP overload

or

--> ip nat inside source list 1 interface Serial0/0/1 overload
!
--> ip route 0.0.0.0 0.0.0.0 209.165.201.17

!
ip classless
!
ip flow-export version 9
!
--> access-list 1 permit 192.168.1.0 0.0.0.255
!
line con 0
password cisco
login
!
line aux 0
!
line vty 0 4
password cisco
login
line vty 5 15
login
!
end

View solution in original post

8 Replies 8

Go to solution
paul driver
VIP
VIP

ā€Ž08-11-2020 04:53 AM - edited ā€Ž08-11-2020 04:54 AM

Hello
I have already supplied you with that in the part1-3 configuration PT attached in previous post


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the communityā€™s global network.

Kind Regards
Paul

Go to solution
ferdao71493
Level 1
Level 1
In response to paul driver

ā€Ž08-11-2020 05:00 AM - edited ā€Ž08-11-2020 05:03 AM

Alright sir, I just checked it, but I can still not ping from pc's to loopback from your file neither.

at the same time can you help me understand what is exactly wanted and which commands should be used ?

0 Helpful

Go to solution
paul driver
VIP
VIP
In response to ferdao71493

ā€Ž08-11-2020 05:17 AM

Hello

Well i can so not sure what has changed on the file i orignally sent you


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the communityā€™s global network.

Kind Regards
Paul
4 KB
0 Helpful

Go to solution
ferdao71493
Level 1
Level 1
In response to paul driver

ā€Ž08-11-2020 05:28 AM

I can see now that pings are successful but most important thing is that I don't get what is required exactly on Part 3 and how to configure that.

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP
In response to ferdao71493

ā€Ž08-11-2020 05:31 AM

Hello,

 

add the lines marked in bold to the configuration of your Gateway router:

 

Gateway#sh run
Building configuration...

Current configuration : 1605 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Gateway
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
--> ip dhcp excluded-address 192.168.1.65
--> ip dhcp excluded-address 192.168.1.129
!
ip dhcp pool P10
network 192.168.1.64 255.255.255.192
default-router 192.168.1.65
ip dhcp pool P20
network 192.168.1.128 255.255.255.192
default-router 192.168.1.129
!
no ip cef
no ipv6 cef
!
license udi pid CISCO2901/K9 sn FTX15245Y7X-
!
spanning-tree mode pvst
!
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
shutdown
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/1.1
encapsulation dot1Q 1 native
ip address 192.168.1.1 255.255.255.252
--> ip nat inside
!
interface GigabitEthernet0/1.10
encapsulation dot1Q 10
ip address 192.168.1.65 255.255.255.192
--> ip nat inside
!
interface GigabitEthernet0/1.20
encapsulation dot1Q 20
ip address 192.168.1.129 255.255.255.192
--> ip nat inside
!
interface Serial0/0/0
no ip address
clock rate 2000000
shutdown
!
interface Serial0/0/1
ip address 209.165.201.18 255.255.255.252
--> ip nat outside
!
interface Vlan1
no ip address
shutdown
!
router eigrp 10
network 192.168.1.0
network 209.165.201.0
!
--> ip nat pool ISP 209.165.201.18 209.165.201.18 netmask 255.255.255.252
--> ip nat inside source list 1 pool ISP overload

or

--> ip nat inside source list 1 interface Serial0/0/1 overload
!
--> ip route 0.0.0.0 0.0.0.0 209.165.201.17

!
ip classless
!
ip flow-export version 9
!
--> access-list 1 permit 192.168.1.0 0.0.0.255
!
line con 0
password cisco
login
!
line aux 0
!
line vty 0 4
password cisco
login
line vty 5 15
login
!
end

Go to solution
ferdao71493
Level 1
Level 1
In response to Georg Pauwen

ā€Ž08-11-2020 10:23 AM

One more question:

It says: 1. Remove the private addresses (192.168.1.x) from the EIGRP configuration, to make
sure that they will not be visible to the outside network.

How did you decide to remove 192.168.1.65 and 192.168.1.129, but not 192.168.1.1 nor 192.168.1.64 and 192.168.1.128 ?

 

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP
In response to ferdao71493

ā€Ž08-11-2020 10:35 AM

Hello,

 

actually:

 

--> access-list 1 permit 192.168.1.0 0.0.0.255

 

The access list 'removes' the entire 192.168.1.0/24 address space, and that includes all the addresses you mentioned...

0 Helpful

Go to solution
paul driver
VIP
VIP
In response to ferdao71493

ā€Ž08-12-2020 12:30 AM - edited ā€Ž08-12-2020 03:37 AM

Hello

Is this an entirely new project to the one you originally posted if it isnā€™t the  why do you have eigrp running when your project clearly states to use ospf

Also it doesnā€™t mention creating a dhcp scope or using static routing.

when it says remove the private addresses it means stop advertising them in the routing process thatā€™s it - then to allow communication to the isp loopback you would need to implement NAT on the gateway rtr making sure is receiving a default route dynamically from the isp rtr 


As I cannot open your zip file apologies if this is indeed an entirely different project


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the communityā€™s global network.

Kind Regards
Paul
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card